CVE-2020-9476

EUVD-2020-30293
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
Affected Products (NVD)
VendorProductVersion
commscopearris_tg1692a_firmware
9.1.103de2:de2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://arris.secure.force.com/consumers/ConsumerProductSupport
https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9476-494a08298c6b
https://arris.secure.force.com/consumers/ConsumerProductSupport
https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9476-494a08298c6b