CVE-2005-0494

Thomson TCW690 Cable Modem - Unauthenticated Password Bypass via RgSecurity Form

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0494. PoCs published by MurDoK.

AI-analyzed exploit summary This exploit targets a password validation vulnerability in Thomson TCW690 routers by sending a malformed POST request to change the password without proper authentication. The code constructs a POST request with the new password and sends it to the router's web interface.

Description

The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.

Exploits (1)

exploitdb WORKING POC VERIFIED
by MurDoK · cremotehardware
https://www.exploit-db.com/exploits/829

This exploit targets a password validation vulnerability in Thomson TCW690 routers by sending a malformed POST request to change the password without proper authentication. The code constructs a POST request with the new password and sends it to the router's web interface.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Thomson TCW690 (hardware version 2.1, software version ST42.03.0a)
No auth needed
Prerequisites: Network access to the target router · Knowledge of the target router's IP address
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/19387
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/14353
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110886937131507&w=2

Scores

EPSS 0.0258
EPSS Percentile 83.2%

Details

Status published
Products (1)
thomson/thomson_cable_modem tcw690
Published Feb 21, 2005
Tracked Since Feb 18, 2026