CVE-2023-40039

Опубликовано: 11 сент. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame.

Ссылки

https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039
Third Party Advisory
https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.png
Product
https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpg
Product
https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039
Third Party Advisory
https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.png
Product
https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpg
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:arris:tg852g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arris:tg852g:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:arris:tg862g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arris:tg862g:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:arris:tg1672g_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:arris:tg1672g:-:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00533

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284

Связанные уязвимости

GHSA-8758-wxjc-xqrh

CVSS3: 9.8

github

больше 2 лет назад

An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame.

EPSS

Процентиль: 67%

0.00533

Низкий

9.8 Critical

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284