Vulnerabilities > BT > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-12 | CVE-2007-5383 | Improper Authentication vulnerability in multiple products The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. | 10.0 |
2007-06-01 | CVE-2007-2982 | Buffer Overflow vulnerability in BT Business Connect Webhelper Activex Control 1.0.0.6 Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX control before 1.0.0.7 in btbconnectwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |