The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing external access to a root shell.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTechnicolor Tc7230 Steb
HWTechnicolorwszystkie wersjeTechnicolor Tc7230 Steb Firmware
OSTechnicolor0.1.25
Related vulnerabilities
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote...
Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the netw...
Technicolor CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC devices allow remote attackers to discover Wi-Fi crede...
Technicolor TC7110.AR STD3.38.03 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4....
Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-F...