CVE-2006-0946

Thomson SpeedTouch - Cross-Site Scripting via LocalNetwork Name Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0946. PoCs published by Preben Nylokken.

AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in SpeedTouch 500 series devices due to improper input sanitization. An attacker can inject arbitrary script code via the 'name' parameter in the specified URL.

Description

Cross-site scripting (XSS) vulnerability in Thomson SpeedTouch modems running firmware 5.3.2.6.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter to the LocalNetwork page.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Preben Nylokken · textwebappshardware
https://www.exploit-db.com/exploits/27320

The exploit describes a cross-site scripting (XSS) vulnerability in SpeedTouch 500 series devices due to improper input sanitization. An attacker can inject arbitrary script code via the 'name' parameter in the specified URL.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: SpeedTouch 500 series
No auth needed
Prerequisites: Access to the vulnerable device's web interface
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015688
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16839
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0765
Exploit mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/426186
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23527
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19069
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24977

Scores

EPSS 0.0193
EPSS Percentile 77.4%

Details

Status published
Products (7)
thomson/speedtouch 516_5.3.2.6.0
thomson/speedtouch 530_5.3.2.6.0
thomson/speedtouch 536_5.3.2.6.0
thomson/speedtouch 546_5.3.2.6.0
thomson/speedtouch 576_5.3.2.6.0
thomson/speedtouch 580_5.3.2.6.0
thomson/speedtouch 585_5.3.2.6.0
Published Mar 01, 2006
Tracked Since Feb 18, 2026