Telephony Gateway Vulnerability in ARRIS Products
CVE-2014-9406

Currently unrated

Key Information:

Vendor: Arris
Status: Touchstone Tg862g\/ct Firmware
Vendor: CVE Published:; 18 December 2014

What is CVE-2014-9406?

The ARRIS Touchstone TG862G/CT Telephony Gateway is vulnerable due to its default admin password being set to 'password'. This configuration flaw allows remote attackers to easily gain unauthorized access to the device by making specific requests to the home_loggedout.php endpoint. Users are strongly advised to change the default password to prevent potential exploitation.

References

http://seclists.org/fulldisclosure/2014/Dec/57

mailing-listx_refsource_FULLDISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 18, 2014

Arris

What is CVE-2014-9406?

References

Timeline