Hi,

Multiple vulnerabilities exist in Arris Touchstone Telephony Gateway (TG)
Series devices, related to its web administration console.
The CVEs for these devices have been
created: CVE-2018-10989, CVE-2018-10990, CVE-2018-10991.

A blog post containing the full disclosure has been created:
https://medium.com/@AkshaySharmaUS/comcast-arris-touchstone-gateway-devices-are-vulnerable-heres-the-disclosure-7d603aa9342c

Thank you.

Regards
Akshay 'Ax' Sharma