Technicolor Tc7200 Firmware vulnerabilities
3 known vulnerabilities affecting technicolor/tc7200_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-1677P2HIGHCVSS 7.5ExploitedPoCvstd6.01.122017-04-03
CVE-2014-1677 [HIGH] CWE-200 CVE-2014-1677: Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive informa
Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive information.
nvd
CVE-2014-0621P4MEDIUMCVSS 6.8PoCvstd6.01.122014-01-08
CVE-2014-0621 [MEDIUM] CWE-352 CVE-2014-0621: Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200
Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-fi
nvd
CVE-2014-0620P4MEDIUMCVSS 4.3PoCvstd6.01.122014-01-08
CVE-2014-0620 [MEDIUM] CWE-79 CVE-2014-0620: Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01
Multiple cross-site scripting (XSS) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to inject arbitrary web script or HTML via the (1) ADDNewDomain parameter to parental/website-filters.asp or (2) VmTracerouteHost parameter to goform/status/diagnostics-route.
nvd