Sign-up

ID

VAR-201704-0432


CVE

CVE-2014-1677


TITLE

Technicolor TC7200 Vulnerability in which important information is obtained in the firmware of

Trust: 0.8

sources: JVNDB: JVNDB-2014-008291

DESCRIPTION

Technicolor TC7200 with firmware STD6.01.12 could allow remote attackers to obtain sensitive information. The Technicolor TC7200 is a next-generation wireless home gateway device. Technicolor TC7200 is prone to an information-disclosure vulnerability. This may aid in further attacks. Technicolor TC7200 STD6.01.12 is vulnerable; other versions may also be affected. Technicolor (formerly known as Thomson, Thomson) TC7200 is a modem and router product of the French Technicolor Group

Trust: 2.52

sources: NVD: CVE-2014-1677 // JVNDB: JVNDB-2014-008291 // CNVD: CNVD-2014-01306 // BID: 65774 // VULHUB: VHN-69616

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-01306

AFFECTED PRODUCTS

vendor:technicolormodel:tc7200scope:eqversion:std6.01.12

Trust: 2.4

vendor:technicolormodel:tc7200 std6.01.12scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2014-01306 // JVNDB: JVNDB-2014-008291 // CNNVD: CNNVD-201406-481 // NVD: CVE-2014-1677

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-1677
value: HIGH

Trust: 1.0

NVD: CVE-2014-1677
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-01306
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201406-481
value: MEDIUM

Trust: 0.6

VULHUB: VHN-69616
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-1677
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-01306
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-69616
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2014-1677
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2014-01306 // VULHUB: VHN-69616 // JVNDB: JVNDB-2014-008291 // CNNVD: CNNVD-201406-481 // NVD: CVE-2014-1677

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-69616 // JVNDB: JVNDB-2014-008291 // NVD: CVE-2014-1677

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201406-481

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201406-481

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-008291

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-69616

PATCH
title:Cable Modem - Cable Gateway - Technicolorurl:http://www.technicolor.com/en/solutions-services/connected-home/broadband-devices/cable-modems-gateways
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-008291

EXTERNAL IDS
db:NVDid:CVE-2014-1677
Trust: 3.4
db:PACKETSTORMid:125388
Trust: 2.5
db:EXPLOIT-DBid:31894
Trust: 2.3
db:BIDid:65774
Trust: 1.6
db:JVNDBid:JVNDB-2014-008291
Trust: 0.8
db:CNNVDid:CNNVD-201406-481
Trust: 0.7
db:CNVDid:CNVD-2014-01306
Trust: 0.6
db:NSFOCUSid:26123
Trust: 0.6
db:XFid:91578
Trust: 0.6
db:SEEBUGid:SSVID-85208
Trust: 0.1
db:SEEBUGid:SSVID-61581
Trust: 0.1
db:VULHUBid:VHN-69616
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-01306 // 
            
            
            
            VULHUB: VHN-69616 // 
            
            
            
            BID: 65774 // 
            
            
            
            JVNDB: JVNDB-2014-008291 // 
            
            
            
            CNNVD: CNNVD-201406-481 // 
            
            
            
            NVD: CVE-2014-1677

REFERENCES
url:https://packetstormsecurity.com/files/125388
Trust: 2.5
url:http://www.exploit-db.com/exploits/31894
Trust: 1.7
url:http://seclists.org/fulldisclosure/2016/jul/67
Trust: 1.7
url:http://www.securityfocus.com/archive/1/538955/100/0/threaded
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/91578
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1677
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2014-1677
Trust: 0.8
url:http://www.exploit-db.com/exploits/31894/
Trust: 0.6
url:http://www.securityfocus.com/bid/65774
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/538955/100/0/threaded
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/91578
Trust: 0.6
url:http://www.nsfocus.net/vulndb/26123
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-01306 // 
            
            
            
            VULHUB: VHN-69616 // 
            
            
            
            JVNDB: JVNDB-2014-008291 // 
            
            
            
            CNNVD: CNNVD-201406-481 // 
            
            
            
            NVD: CVE-2014-1677

CREDITS
Jeroen - IT Nerdbox
Trust: 0.9
sources:
            
            
            BID: 65774 // 
            
            
            
            CNNVD: CNNVD-201406-481

SOURCES
db:CNVDid:CNVD-2014-01306
db:VULHUBid:VHN-69616
db:BIDid:65774
db:JVNDBid:JVNDB-2014-008291
db:CNNVDid:CNNVD-201406-481
db:NVDid:CVE-2014-1677

LAST UPDATE DATE
2025-04-20T23:34:27.674000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-01306date:2014-02-27T00:00:00
db:VULHUBid:VHN-69616date:2018-10-09T00:00:00
db:BIDid:65774date:2014-02-25T00:00:00
db:JVNDBid:JVNDB-2014-008291date:2017-05-10T00:00:00
db:CNNVDid:CNNVD-201406-481date:2017-04-07T00:00:00
db:NVDid:CVE-2014-1677date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-01306date:2014-02-27T00:00:00
db:VULHUBid:VHN-69616date:2017-04-03T00:00:00
db:BIDid:65774date:2014-02-25T00:00:00
db:JVNDBid:JVNDB-2014-008291date:2017-05-10T00:00:00
db:CNNVDid:CNNVD-201406-481date:2014-02-25T00:00:00
db:NVDid:CVE-2014-1677date:2017-04-03T15:59:00.207