Technicolor TC7230 STEB 01.25 Improper Input Validation Vulnerability


The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim’s browser. 


The information has been provided by Alexander Dalsgaard Krog

The original article can be found at:


The attacker can then configure the cable modem to port forward the modem’s internal TELNET server, allowing external access to a root shell.


Vulnerable Systems:

Technicolor TC7230 STEB 01.25


CVE Information:



Disclosure Timeline:
Published Date:1/8/2020

Categories: News