Vulnerabilities > CVE-2014-9143 - Code vulnerability in Technicolor Td5130 Router Firmware 2.05.C29Gv
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities. CVE-2014-9142,CVE-2014-9143,CVE-2014-9144. Webapps exploit for hardware platform |
| file | exploits/hardware/webapps/35462.txt |
| id | EDB-ID:35462 |
| last seen | 2016-02-04 |
| modified | 2014-12-04 |
| platform | hardware |
| port | 80 |
| published | 2014-12-04 |
| reporter | Crash |
| source | https://www.exploit-db.com/download/35462/ |
| title | Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities |
| type | webapps |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/129374/adsl2plus-xssredirectinject.txt |
| id | PACKETSTORM:129374 |
| last seen | 2016-12-05 |
| published | 2014-12-03 |
| reporter | Ewerson Guimaraes |
| source | https://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.html |
| title | ADSL2+ 2.05.C29GV XSS / URL Redirect / Command Injection |
References
- http://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.html
- http://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.html
- http://www.exploit-db.com/exploits/35462
- http://www.exploit-db.com/exploits/35462
- http://www.securityfocus.com/archive/1/534143/100/0/threaded
- http://www.securityfocus.com/archive/1/534143/100/0/threaded