The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-02-21T05:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-02-21T00:00:00
Link: CVE-2005-0494
JSON object: View
NVD Information
Status : Modified
Published: 2005-02-21T05:00:00.000
Modified: 2017-07-11T01:32:19.593
Link: CVE-2005-0494
JSON object: View
Redhat Information
No data.
CWE