Browse all 6 CVE security advisories affecting Thomson. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Thomson is a widely used software component in enterprise applications, primarily serving as a content management and document processing solution. Historically, Thomson has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The component has been involved in several high-profile breaches, including incidents where attackers exploited Thomson flaws to gain unauthorized access to sensitive systems. Security researchers have consistently highlighted Thomson's attack surface, particularly its integration with third-party plugins and legacy code paths. Despite patches for its six recorded CVEs, Thomson remains a target for attackers due to its widespread deployment in critical infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-25039 | Thomson TCW710 RgUrlBlock.asp Persistent cross site scriting — TCW710CWE-80 | 3.5 | Low | 2022-06-12 |
| CVE-2018-25038 | Thomson TCW710 RgDhcp Persistent cross site scriting — TCW710CWE-80 | 3.5 | Low | 2022-06-12 |
| CVE-2018-25037 | Thomson TCW710 RgDdns Persistent cross site scriting — TCW710CWE-80 | 3.5 | Low | 2022-06-12 |
| CVE-2018-25036 | Thomson TCW710 RgTime Persistent cross site scriting — TCW710CWE-80 | 3.5 | Low | 2022-06-12 |
| CVE-2018-25035 | Thomson TCW710 RGFirewallEL Persistent cross site scriting — TCW710CWE-80 | 3.5 | Low | 2022-06-12 |
| CVE-2018-25034 | Thomson TCW710 wlanPrimaryNetwork Persistent cross site scripting — TCW710CWE-80 | 3.5 | Low | 2022-06-12 |
This page lists every published CVE security advisory associated with Thomson. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.