Vulnerabilities > Technicolor > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2020-10376 | Cleartext Transmission of Sensitive Information vulnerability in Technicolor Tc7337Net Firmware 08.89.17.23.03 Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header. | 9.8 |
| 2020-01-09 | CVE-2019-19494 | Classic Buffer Overflow vulnerability in multiple products Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. | 9.3 |
| 2020-01-08 | CVE-2019-19495 | Improper Input Validation vulnerability in Technicolor Tc7230 Steb Firmware 0.1.25 The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. | 10.0 |
| 2017-09-04 | CVE-2017-14127 | OS Command Injection vulnerability in Technicolor Td5336 Firmware 7.0 Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi. | 10.0 |