The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.Referenceshttp://www.zerodayinitiative.com/advisories/ZDI-14-387/
