Skip to main content

Arris Tr3300 Firmware

8 CVEs product

Monthly

CVE-2022-27002 CRITICAL POC Act Now

Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns、ddns_host parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
6.1%
CVE-2022-27001 CRITICAL POC Act Now

Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2022-27000 CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2022-26999 CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2022-26998 CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wps_enrolee_pin parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2022-26997 CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp function via the upnp_ttl parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
3.5%
CVE-2022-26996 CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe function via the pppoe_username, pppoe_passwd, and pppoe_servicename parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2022-26995 CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, and wan_dns1_stat parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
EPSS 6% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns、ddns_host parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps setting function via the wps_enrolee_pin parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp function via the upnp_ttl parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe function via the pppoe_username, pppoe_passwd, and pppoe_servicename parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, and wan_dns1_stat parameters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Arris Tr3300 Firmware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy