Vulnerabilities > CVE-2014-9143 - Code vulnerability in Technicolor Td5130 Router Firmware 2.05.C29Gv

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

technicolor

CWE-17

exploit available

NVD

Published: 2014-12-05

Updated: 2018-10-09

Summary

Open redirect vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the failrefer parameter.

Vulnerable Configurations

Part	Description	Count
OS	Technicolor Technicolor Td5130 Router Firmware 2.05.C29Gv	1

Common Weakness Enumeration (CWE)

CWE-17 - Code

Exploit-Db

description	Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities. CVE-2014-9142,CVE-2014-9143,CVE-2014-9144. Webapps exploit for hardware platform
file	exploits/hardware/webapps/35462.txt
id	EDB-ID:35462
last seen	2016-02-04
modified	2014-12-04
platform	hardware
port	80
published	2014-12-04
reporter	Crash
source	https://www.exploit-db.com/download/35462/
title	Technicolor DT5130 2.05.C29GV - Multiple Vulnerabilities
type	webapps

Packetstorm

data source	https://packetstormsecurity.com/files/download/129374/adsl2plus-xssredirectinject.txt
id	PACKETSTORM:129374
last seen	2016-12-05
published	2014-12-03
reporter	Ewerson Guimaraes
source	https://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.html
title	ADSL2+ 2.05.C29GV XSS / URL Redirect / Command Injection

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

Packetstorm

References