PT-2020-12731 · Thomson+1 · Thomson Tht741Fta+1

Published

2020-08-31

Updated

2020-09-09

CVE-2020-11618

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions THOMSON THT741FTA version 2.2.1 Philips DTR3502BFTA DVB-T2 version 2.2.1

Description The set-top boxes have their TELNET service hardcoded to start on boot. This allows an attacker on the local network to achieve root access via the TELNET protocol.

Recommendations For THOMSON THT741FTA version 2.2.1, consider disabling the TELNET service to prevent unauthorized access until a patch is available. For Philips DTR3502BFTA DVB-T2 version 2.2.1, restrict access to the TELNET protocol to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-11618

Affected Products

Philips Dtr3502Bfta Dvb-T2

Thomson Tht741Fta

PT-2020-12731 · Thomson+1 · Thomson Tht741Fta+1

CVE-2020-11618

Related Identifiers

Affected Products

References · 4