CVE-2020-9476
HIGHARRIS TG1692A Firmware - Inadequate Encryption Strength via Base64 Decoding
Title source: llmDescription
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://arris.secure.force.com/consumers/ConsumerProductSupport
Various Sources x_refsource_misc
https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9476-494a08298c6b
Scores
CVSS v3
7.5
EPSS
0.0096
EPSS Percentile
56.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-326
Status
published
Products (1)
commscope/arris_tg1692a_firmware
9.1.103de2
Published
Mar 04, 2020
Tracked Since
Feb 18, 2026