BT : Security Vulnerabilities CVSS score >= 8

The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues.
Max Base Score
Published 2007-10-12
Updated 2018-10-15
EPSS 2.04%
Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX control before in btbconnectwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors.
Max Base Score
Published 2007-06-01
Updated 2017-07-29
EPSS 7.66%
2 vulnerabilities found
This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to terms of use!