CVE Tools

technicolor

Hardware FirmwareGBcommercial

29

Cumulative CVEs

8

Monthly snapshots

#40

Peak rank

Top products

thomson tcw710 firmware6

Latest CVEs

The 15 most recently published vulnerabilities affecting technicolor.

CVE-2024-3780Information exposure vulnerability on Technicolor CGA21217.8Apr 15, 2024
CVE-2023-47352Technicolor TC8715D devices have predictable default WPA2 security passwords. An attacker who scans for SSID and BSSID values may be able to predict these passwords.8.8Jan 22, 2024
CVE-2023-31808Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One account has administrative privileges, allowing for unrestricted access over the WAN interface if Remote ...7.2Sep 19, 2023
CVE-2018-25039Thomson TCW710 RgUrlBlock.asp Persistent cross site scriting3.5Jun 12, 2022
CVE-2018-25038Thomson TCW710 RgDhcp Persistent cross site scriting3.5Jun 12, 2022
CVE-2018-25037Thomson TCW710 RgDdns Persistent cross site scriting3.5Jun 12, 2022
CVE-2018-25036Thomson TCW710 RgTime Persistent cross site scriting3.5Jun 12, 2022
CVE-2018-25035Thomson TCW710 RGFirewallEL Persistent cross site scriting3.5Jun 12, 2022
CVE-2018-25034Thomson TCW710 wlanPrimaryNetwork Persistent cross site scripting3.5Jun 12, 2022
CVE-2020-11449An issue was discovered on Technicolor TC7337 8.89.17 devices. An attacker can discover admin credentials in the backup file, aka backupsettings.conf.7.5Apr 1, 2020
CVE-2020-10376Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header.9.8Mar 11, 2020
CVE-2019-19494Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim'...8.8Jan 9, 2020
CVE-2019-19495The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker...9.8Jan 8, 2020
CVE-2019-17523An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp.5.4Nov 13, 2019
CVE-2019-17524An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the "Connected Clients" field to /wlanAccess.asp. An intranet host can use a...5.4Nov 13, 2019