Back to search
CVE-2006-0947
Published: Mar 1, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote attackers to create users that cannot be deleted via scripting code in the "31" parameter in a NewUser function, which is not filtered by the modem when creating the account, but cannot be deleted by the administrator, possibly due to cleansing that occurs in the administrator interface.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1015688
vdb-entry
x_refsource_SECTRACK
16839
vdb-entry
x_refsource_BID
ADV-2006-0765
vdb-entry
x_refsource_VUPEN
20060226 Thomson SpeedTouch 500 modems vulnerable to XSS
mailing-list
x_refsource_BUGTRAQ
19069
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now