CVE-2005-0494
First published: Mon Feb 21 2005(Updated: )
The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Thomson Thomson Cable Modem | =tcw690 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0494?
CVE-2005-0494 is considered a high-severity vulnerability due to improper password validation that allows unauthorized access.
How do I fix CVE-2005-0494?
To fix CVE-2005-0494, update the firmware of the Thomson TCW690 cable modem to the latest version provided by the manufacturer.
What types of attacks does CVE-2005-0494 enable?
CVE-2005-0494 enables remote attackers on the LAN to gain unauthorized access to the modem's settings via crafted POST requests.
Who is affected by CVE-2005-0494?
CVE-2005-0494 affects users of the Thomson TCW690 cable modem running firmware version 2.1 and software ST42.03.0a.
What should I do if I can't update the firmware to mitigate CVE-2005-0494?
If you cannot update the firmware for CVE-2005-0494, consider disabling remote access and changing default passwords to enhance security.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/author
- agent/event
- agent/tags
- agent/description
- agent/source
- vendor/thomson
- canonical/thomson thomson cable modem
- version/thomson thomson cable modem/tcw690