PT-2017-11919 · Technicolor · Tc7337

Geolado Giolado

Published

2017-08-03

Updated

2017-08-12

CVE-2017-11320

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Technicolor TC7337 version 08.89.17.20.00

Description The issue allows an attacker to perform a persistent XSS attack through the SSID of nearby Wi-Fi devices, potentially leading to DNS Poisoning and credential theft from the router.

Recommendations For version 08.89.17.20.00, update the firmware to a version that addresses this issue, as no specific workaround is provided for this version.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2017-11320

Affected Products

Tc7337

PT-2017-11919 · Technicolor · Tc7337

CVE-2017-11320

Weakness Enumeration

Related Identifiers

Affected Products

References · 4