CVE-2014-4863

Arris Touchstone DG950A <7.10.131 - Info Disclosure

Title source: llm

Description

The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request.

Exploits (1)

metasploit WORKING POC

by Deral, Heiland · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/snmp/arris_dg950.rb

View Code ZIP pw:eip

References (2)

[US Government Resource] http://www.kb.cert.org/vuls/id/855836

[Exploit] https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863

Scores

EPSS 0.2355

EPSS Percentile 96.0%

Details

CWE

CWE-200

Status published

Products (2)

arris/touchstone_dg950a

arris/touchstone_dg950a_software 7.10.131

Published Sep 05, 2014

Tracked Since Feb 18, 2026