Dpc3928Sl Firmware
Monthly
Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC, DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a, TC7110.AR STD3.38.03, TC7110.B. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 22.4%.
Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC, DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a, TC7110.AR STD3.38.03, TC7110.B. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 22.4%.