Vulnerabilities > Technicolor > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-12-23 CVE-2018-20393 Unspecified vulnerability in Technicolor products
Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC, DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a, TC7110.AR STD3.38.03, TC7110.B STC8.62.02, TC7110.D STDB.79.02, TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT, and TC7200.TH2v2 SC05.00.22 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
technicolor
critical
 9.8
9.8
2018-12-23 CVE-2018-20381 Unspecified vulnerability in Technicolor Dpc2320 Firmware Dpc2300R2V202R1244101150420Av6
Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
technicolor
critical
 9.8
9.8
2017-09-04 CVE-2017-14127 OS Command Injection vulnerability in Technicolor Td5336 Firmware 7.0
Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi.
network
low complexity
technicolor CWE-78
critical
 9.8
9.8
2017-04-27 CVE-2017-5135 Unspecified vulnerability in Technicolor Dpc3928Sl Firmware D3928Slp1513A386C3420R55105160127A
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases.
network
low complexity
technicolor
critical
 9.1
9.1