Information Disclosure Vulnerability in Technicolor TC7200 Router
CVE-2014-1677

7.5HIGH

Key Information:

Vendor

Technicolor

Status
Tc7200 Firmware
Vendor
CVE Published:
3 April 2017

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 28%

What is CVE-2014-1677?

The Technicolor TC7200 router with specific firmware versions is susceptible to a vulnerability that allows remote attackers to access sensitive information. This risk may lead to unauthorized disclosure of data, prompting concerns about the overall security posture of devices utilizing the affected firmware. Users of this router should be aware of potential exploitation methods and consider applying necessary updates to safeguard their networks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

freePW_tc7200Eploit
Created by tihmstar

References

http://seclists.org/fulldisclosure/2016/Jul/67
mailing-listx_refsource_FULLDISC
https://packetstormsecurity.com/files/125388
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/91578
vdb-entryx_refsource_XF

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability Reserved

.