CVE-2006-0946
Thomson SpeedTouch - Cross-Site Scripting via LocalNetwork Name Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-0946. PoCs published by Preben Nylokken.
AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in SpeedTouch 500 series devices due to improper input sanitization. An attacker can inject arbitrary script code via the 'name' parameter in the specified URL.
Description
Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems running firmware 5.3.2.6.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter to the LocalNetwork page.
Exploits (1)
The exploit describes a cross-site scripting (XSS) vulnerability in SpeedTouch 500 series devices due to improper input sanitization. An attacker can inject arbitrary script code via the 'name' parameter in the specified URL.