CVE-2005-0494

2005-02-2105:00:00

mitre

www.cve.org

7.2 High

AI Score

Confidence

Low

0.054 Low

EPSS

Percentile

93.2%

JSON

The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.

References

marc.info/?l=bugtraq&m=110886937131507&w=2

secunia.com/advisories/14353

exchange.xforce.ibmcloud.com/vulnerabilities/19387