NVD

Id
29505  
Name
CVE-2014-0621  
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote attackers to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) disable advanced options via a request to goform/advanced/options, (3) remove ip-filters via the IpFilterAddressDelete1 parameter to goform/advanced/ip-filters, or (4) remove firewall settings via the cbFirewall parameter to goform/advanced/firewall.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-01-08  
Modified Date
2014-05-05  
Seq
2014-0621  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
156434 29505 CVE-2014-0621 30667  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12131 JVNDB-2014-001006 Technicolor TC7200 におけるクロスサイトリクエストフォージェリの脆弱性 Technicolor (旧 Thomson) TC7200 には、クロスサイトリクエストフォージェリの脆弱性が存在します。 CVE-2014-0621 68022 CVE-2014-0621 29505 6.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001006.html 2014-01-03 2014-01-10 View