Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote attackers to access a "Terminal shell v1.0" service, and subsequently obtain unrestricted root privileges, by establishing an SSH session and then entering certain shell metacharacters and BusyBox commands.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Arris NVG589和NVG599 AT&T U-verse 安全漏洞
Vulnerability Description
Arris NVG589和NVG599都是美国Arris集团公司的路由器产品。AT&T U-verse是使用在其中的固件。 Arris NVG589和NVG599中的AT&T U-verse 9.2.2h0d83版本存在安全漏洞。远程攻击者可通过建立SSH会话并输入特定的shell元字符和BusyBox命令利用该漏洞访问‘Terminal shell v1.0’命令,并获取不受限制的root权限。
CVSS Information
N/A
Vulnerability Type
N/A