CVE-2014-3778

ARRIS SBG901 - Cross-Site Request Forgery in goform/RgDdns

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3778. PoCs published by Blessen Thomas.

AI-analyzed exploit summary: This exploit demonstrates a CSRF vulnerability in the Motorola SBG901 Wireless Modem, allowing an attacker to change DNS settings, username, and password via a crafted HTML form. The PoC submits a POST request to the modem's web interface without requiring user interaction beyond clicking a button.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote attackers to hijack the authentication of administrators for requests that (1) change the DNS service via the DdnsService parameter, (2) change the username via the DdnsUserName parameter, (3) change the password via the DdnsPassword parameter, or (4) change the host name via the DdnsHostName parameter.

Exploits (1)

exploitdb WORKING POC
by Blessen Thomas · text · webapps · hardware
https://www.exploit-db.com/exploits/33792

Classification: Working PoC (100%)
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Motorola SBG901 Wireless Modem
No auth needed
Prerequisites: Victim must be authenticated to the modem's web interface · Victim must visit the malicious HTML page
devstral-2 · analyzed Feb 16, 2026

References (1)

Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/33792

Scores

EPSS 0.0194
EPSS Percentile 77.6%

Details

CWE: CWE-352
Status: published
Products (1): commscope/arris_sbg901
Published: Jun 19, 2014
Tracked Since: Feb 18, 2026