7.5

CVE-2006-0947

Exploit

EPSS 5.71%
Veröffentlicht 01.03.2006 02:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Thomson SpeedTouch modem running firmware 5.3.2.6.0 allows remote attackers to create users that cannot be deleted via scripting code in the "31" parameter in a NewUser function, which is not filtered by the modem when creating the account, but cannot be deleted by the administrator, possibly due to cleansing that occurs in the administrator interface.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Thomson ≫ Speedtouch Version516_5.3.2.6.0

Thomson ≫ Speedtouch Version530_5.3.2.6.0

Thomson ≫ Speedtouch Version536_5.3.2.6.0

Thomson ≫ Speedtouch Version546_5.3.2.6.0

Thomson ≫ Speedtouch Version576_5.3.2.6.0

Thomson ≫ Speedtouch Version580_5.3.2.6.0

Thomson ≫ Speedtouch Version585_5.3.2.6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	5.71%	0.902

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/19069

http://securitytracker.com/id?1015688

http://www.securityfocus.com/archive/1/426186

Exploit

http://www.securityfocus.com/bid/16839

Exploit

http://www.vupen.com/english/advisories/2006/0765

https://nvd.nist.gov/vuln/detail/CVE-2006-0947

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0947

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0947

EUVD