Skip to main content

Dtr3502Bfta Dvb T2 Firmware

2 CVEs product

Monthly

CVE-2020-11618 HIGH POC This Week

THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tht741Fta Firmware Dtr3502Bfta Dvb T2 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-11617 MEDIUM POC This Month

The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Tht741Fta Firmware Dtr3502Bfta Dvb T2 Firmware
NVD
CVSS 3.1
5.9
EPSS
0.4%
EPSS 0% CVSS 7.8
HIGH POC This Week

THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tht741Fta Firmware Dtr3502Bfta Dvb T2 Firmware
NVD
EPSS 0% CVSS 5.9
MEDIUM POC This Month

The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Tht741Fta Firmware Dtr3502Bfta Dvb T2 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy