Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 and then installing new software, such as BusyBox with "nc -l" support.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Arris NVG599 AT&T U-verse 安全漏洞
Vulnerability Description
Arris NVG599是美国Arris集团公司的一款路由器产品。AT&T U-verse是使用在其中的固件。 Arris NVG599中的AT&T U-verse 9.2.2h0d83版本存在安全漏洞。远程攻击者可通过在49955端口上建立会话,并安装新软件利用该漏洞获取root权限。
CVSS Information
N/A
Vulnerability Type
N/A