CVE-2006-0946 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems running firmware 5.3.2.6.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter to the LocalNetwork page.

Affected Software

Name	Vendor	Start Version	End Version
Speedtouch	Thomson	516_5.3.2.6.0 (including)	516_5.3.2.6.0 (including)
Speedtouch	Thomson	530_5.3.2.6.0 (including)	530_5.3.2.6.0 (including)
Speedtouch	Thomson	536_5.3.2.6.0 (including)	536_5.3.2.6.0 (including)
Speedtouch	Thomson	546_5.3.2.6.0 (including)	546_5.3.2.6.0 (including)
Speedtouch	Thomson	576_5.3.2.6.0 (including)	576_5.3.2.6.0 (including)
Speedtouch	Thomson	580_5.3.2.6.0 (including)	580_5.3.2.6.0 (including)
Speedtouch	Thomson	585_5.3.2.6.0 (including)	585_5.3.2.6.0 (including)

References

http://secunia.com/advisories/19069
http://securitytracker.com/id?1015688
http://www.osvdb.org/23527
http://www.securityfocus.com/archive/1/426186
http://www.securityfocus.com/bid/16839
http://www.vupen.com/english/advisories/2006/0765
https://exchange.xforce.ibmcloud.com/vulnerabilities/24977
http://secunia.com/advisories/19069
http://securitytracker.com/id?1015688
http://www.osvdb.org/23527
http://www.securityfocus.com/archive/1/426186
http://www.securityfocus.com/bid/16839
http://www.vupen.com/english/advisories/2006/0765
https://exchange.xforce.ibmcloud.com/vulnerabilities/24977

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-0946
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html