CVE-2020-11618

HIGH

7.8

Beschreibung

THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol.

CVE Details

CVSS v3.1 Bewertung7.8

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienLOW

BenutzerinteraktionNONE

Veroffentlicht8/31/2020

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

philips:dtr3502bfta_dvb-t2philips:dtr3502bfta_dvb-t2_firmwarethomsonstb:tht741ftathomsonstb:tht741fta_firmware

Referenzen

https://decoded.avast.io/vladislaviliushin/flaws-in-dvb-t2-set-top-boxes-exposed/(cve@mitre.org)

https://decoded.avast.io/vladislaviliushin/flaws-in-dvb-t2-set-top-boxes-exposed/(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.