GCVE - cpe:2.3:h:technicolor:dpc3928sl:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:technicolor:dpc3928sl:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Technicolor (`007c97e8-b0d3-5a8e-a93d-5ed8b854e1a5`)
Product	Dpc3928Sl (`c98034fd-eba4-51ce-a985-f87b2d49a666`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-20439`	not_vulnerable	2026-06-03 14:38:39.114870	Details available Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests. Published: 2018-12-25T15:00:00.000Z Updated: 2024-09-17T02:46:33.486Z Open on db.gcve.eu Reference links https://misteralfa-hack.blogspot.com/2018/12/technicolor-passwords-wireless-via-snmp.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-20379`	not_vulnerable	2026-06-03 14:38:39.004398	Details available Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001. Published: 2018-12-23T21:00:00.000Z Updated: 2024-09-16T19:57:37.627Z Open on db.gcve.eu Reference links https://misteralfa-hack.blogspot.com/2018/12/cisco-dpc3928sl-explotando-un-xss-via.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-5135`	not_vulnerable	2026-06-03 14:37:18.533437	Details available Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability. Published: 2017-04-27T15:00:00.000Z Updated: 2024-08-05T14:55:34.842Z Open on db.gcve.eu Reference links https://stringbleed.github.io/ http://www.securityfocus.com/bid/98092 https://www.reddit.com/r/netsec/comments/67qt6u/cve_20175135_snmp_authentication_bypass/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.