CVE-2005-0494

Published: Feb 21, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.

Affected (1)

Products: Thomson: Thomson Cable Modem

1 product

Thomson Cable Modem

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Thomson Thomson Cable Modem	Version tcw690

References (6)

http://marc.info/?l=bugtraq&m=110886937131507&w=2

Source: cve@mitre.org

http://secunia.com/advisories/14353

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19387

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110886937131507&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/14353

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/19387

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.