Technicolor Tc7230 Steb Firmware vulnerabilities
2 known vulnerabilities affecting technicolor/tc7230_steb_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2019-19494P2HIGHCVSS 8.8PoCv01.252020-01-09
CVE-2019-19494 [HIGH] CWE-120 CVE-2019-19494: Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allow
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0
nvd
CVE-2019-19495P2CRITICALCVSS 9.8v0.1.252020-01-08
CVE-2019-19495 [CRITICAL] CWE-20 CVE-2019-19495: The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows
The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing external access to a root shell.
nvd