Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems running firmware 5.3.2.6.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter to the LocalNetwork page.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Speedtouch | Thomson | 516_5.3.2.6.0 (including) | 516_5.3.2.6.0 (including) |
Speedtouch | Thomson | 530_5.3.2.6.0 (including) | 530_5.3.2.6.0 (including) |
Speedtouch | Thomson | 536_5.3.2.6.0 (including) | 536_5.3.2.6.0 (including) |
Speedtouch | Thomson | 546_5.3.2.6.0 (including) | 546_5.3.2.6.0 (including) |
Speedtouch | Thomson | 576_5.3.2.6.0 (including) | 576_5.3.2.6.0 (including) |
Speedtouch | Thomson | 580_5.3.2.6.0 (including) | 580_5.3.2.6.0 (including) |
Speedtouch | Thomson | 585_5.3.2.6.0 (including) | 585_5.3.2.6.0 (including) |