BT Home Hub and Thomson/Alcatel Speedtouch 7G Multiple Vulnerabilities

The following exploit code is available through GNUCitizen:

UPDATE (January 10, 2008) - The cross-site scripting issue can be leveraged to perform unauthorized actions via UPnP. Please see the Bugtraq message entitled "BT Home Flub: Pwnin the BT Home Hub (5) - exploiting IGDs remotely via UPnP" in the references section for further information.

UPDATE (January 21, 2008) - The following proof-of-concept URI is available; please see the referenced "Call Jacking: Phreaking the BT Home Hub" webpage for further information:



Privacy Statement
Copyright 2010, SecurityFocus