Vulnerabilities for Tc7200 (...) - CXSECURITY.COM

Vulnerabilities for 'Tc7200'

2014-01-08

CVE-2014-0621

CWE-352

Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-filters via the IpFilterAddressDelete1 parameter to goform/advanced/ip-filters, or (4) remove firewall settings via the cbFirewall parameter to goform/advanced/firewall.

CVE-2014-0620

Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to inject arbitrary web script or HTML via the (1) ADDNewDomain parameter to parental/website-filters.asp or (2) VmTracerouteHost parameter to goform/status/diagnostics-route.

>>> Vendor: Technicolor 27 Products

Tg585 router firmware

Td5130 router firmware

Tc7200 firmware

Xfinity gateway router dpc3941t firmware

Dpc3928sl firmware

Tc7337 firmware

Td5336 firmware

Tc7200.20 firmware

Tg588v firmware

Tc8305c firmware

Dwg849 firmware

Dwg850-4 firmware

Dwg855 firmware

Twg870 firmware

Tg789vac firmware

Tc7110.ar firmware

Cwa0101 firmware

Tc7200.th2v2 firmware

Tc7110.b firmware

Tc7200.d1i firmware

Cga0111 firmware

Dpc2320 firmware

Cga0101 firmware

Tc7110.d firmware

Tc7200.th2v2.d1i firmware

Copyright 2024, cxsecurity.com