

Multiple vulnerabilities exist in the MIT-licensed muhttpd web server. This web server is widely used in ISP customer premises equipment (CPE), most notably in Arris firmware used in router models NVG443, NVG599, NVG589 and NVG510 (at least; possibly others), as well as ISP-customized variants such as BGW210 and BGW320 (Arris has declined to confirm affected models). These routers are typically loaned to ISP subscribers for telephony and Internet access.

The most severe vulnerability allows unauthenticated path traversal from the root of the file system as the root user. It is possible to recover the WiFi access code and SSID, the remote administration password, SIP credentials (if VoIP is supported), ISP CWMP/TR-069 endpoint URLs with their username and password, and other sensitive information, although some parts may require more complicated techniques or computing resources that may not be available to all attackers. Network-based unauthenticated exploitation is most severe if the router’s web services (such as the administration portal) are exposed to the Internet, though the issue can also be exploited from the LAN.

NOTE: This issue has been patched and deployed by at least one ISP, whose BGW routers use a customized variant of Arris NVG firmware.

We also offer approved dual-shield and quad-shield cables, connectors and installation tools for on-site installations, plus we can help you design the cabling solution that best meets your requirements.

Arris / Arris-variant DSL/Fiber router critical vulnerability exposure

These new kits are available in custom lengths and configurations, and include upstream and downstream cable assemblies to connect to the customer plant.

White Sands Engineering now offers cable kits for the ARRIS E6000 Converged Edge Router generation 1 and 2.
