MEDIUM🇬🇧 English

CVE-2018-20379

CVSS 4.7v3.0pub. 2018-12-23upd. 2024-11-21

Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
  • Technicolor Dpc3928sl

    HW
    Technicolor
    wszystkie wersje
  • Technicolor Dpc3928sl Firmware

    OS
    Technicolor
    d3928sl-psip-13-a010-c3420r55105-160428a
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2018-20439CRITICAL9.8ten sam produkt

Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-F...

CVE-2018-20393CRITICAL9.8ten sam produkt

Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CWA0101 CWA0101E-A23E-c7000r5712-170315-SK...

CVE-2017-5135CRITICAL9.1ten sam produkt

Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in som...

CVE-2020-10376CRITICAL9.8ten sam vendor

Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the netw...

CVE-2019-19495CRITICAL9.8ten sam vendor

The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote a...