EuroTel ETL3100 Transmitter Authorization Bypass / Insecure Direct Object Reference Vulnerabilities

The EuroTel ETL3100 transmitter is vulnerable to insecure direct object references that occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access the hidden resources on the system and...

EuroTel ETL3100 Transmitter Information Disclosure

EuroTel ETL3100 Transmitter Unauthenticated Config/Log Download Vulnerability Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model: ETL3100 Exciter v01x37...

EuroTel ETL3100 Transmitter Default Credentials Vulnerability

EuroTel ETL3100 transmitters use a weak set of default administrative credentials that can be guessed in remote password attacks and gain full control of the system. EuroTel ETL3100 Transmitter Default Credentials Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page:...

CVE-2020-11618

THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol...

CVE-2020-11618

The CVE-2020-11618 entry concerns THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB‑T2 2.2.1 set‑top boxes where the TELNET service is hardcoded to start on boot. This configuration enables a local network attacker to gain root access via TELNET. Documents consistently describe the issue as har...

CVE-2020-11617

The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client...

CVE-2020-11617

The CVE-2020-11617 issue affects the RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes. The root cause is that the RSS client does not validate the SSL certificates of RSS servers, enabling a man-in-the-middle attacker to modify data delivered to the cl...

Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks

By Sudais Asif Two popular DVD top-set boxes are vulnerable to both botnet and ransomware attacks. This is a post from HackRead.com Read the original post: Flaws expose DVB-T2 set-top boxes to botnet & ransomware attacks...

dvb-t2-portal.de XSS vulnerability

Open Bug Bounty ID: OBB-264457 Description| Value ---|--- Affected Website:| dvb-t2-portal.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...