Vulnerabilities > Philips > Dtr3502Bfta DVB T2 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-08-31 CVE-2020-11618 THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol.
local
low complexity
thomsonstb philips
7.8
2020-08-31 CVE-2020-11617 Improper Certificate Validation vulnerability in multiple products
The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client.
network
high complexity
thomsonstb philips CWE-295
5.9