A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265832.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XArris Vap2500
HWArriswszystkie wersjeArris Vap2500 Firmware
OSArris08.50
Related vulnerabilities
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to ...
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass aut...
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading...
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerabi...
A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of ...