Arris Vap2500 Firmware vulnerabilities
6 known vulnerabilities affecting arris/vap2500_firmware.
Total CVEs
6
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH5
Vulnerabilities
Page 1 of 1
CVE-2014-8423P1CRITICALCVSS 10.0PoC≤ 08.412014-11-28
CVE-2014-8423 [CRITICAL] CWE-74 CVE-2014-8423: Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote att
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
nvd
CVE-2014-8424P2HIGHCVSS 7.8PoC≤ 08.412014-11-28
CVE-2014-8424 [HIGH] CWE-287 CVE-2014-8424: ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
nvd
CVE-2014-8425P3HIGHCVSS 7.8PoC≤ 08.412014-11-28
CVE-2014-8425 [HIGH] CWE-200 CVE-2014-8425: The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
nvd
CVE-2024-5196P3HIGHCVSS 7.2v08.502024-05-22
CVE-2024-5196 [HIGH] CWE-77 CVE-2024-5196: A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknow
A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-2658
nvd
CVE-2024-5195P3HIGHCVSS 7.2v08.502024-05-22
CVE-2024-5195 [HIGH] CWE-77 CVE-2024-5195: A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this is
A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this
nvd
CVE-2024-5194P3HIGHCVSS 7.2v08.502024-05-22
CVE-2024-5194 [HIGH] CWE-77 CVE-2024-5194: A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated ident
nvd