ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS, Inc. Multiple ARRIS products are vulnerable to a command injection vulnerability, which stems from the DdnsUserName, DdnsHostName, and DdnsPassword parameters in the ddns function failing to properly filter the construct command special characters, commands, etc. An attacker could use this vulnerability to cause arbitrary command execution.