Computer Security
[EN] securityvulns.ru no-pyccku


Technicolor DT5130 routers multiple security vulnerabilities
Published:29.12.2014
Source:
SecurityVulns ID:14184
Type:remote
Threat Level:
5/10
Description:Code execution, crossite scripting, open redirect.
Affected:TECHNICOLOR : echnicolor TD5130
CVE:CVE-2014-9144 (Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary commands via shell metacharacters in the ping field (setobject_ip parameter).)
 CVE-2014-9143 (Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter.)
 CVE-2014-9142 (Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to inject arbitrary web script or HTML via the failrefer parameter.)
Original documentdocumentEwerson GuimarŠ³es (Crash) - Dclabs, Wireless N ADSL 2/2+ Modem Router - DT5130 - Xss / URL Redirect / Command Injection (29.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod