CVE-2007-4387

Public exploit
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG and 2071 Gateway routers, with 3.17.5 and 5.29.51 software, allows remote attackers to perform certain configuration changes as administrators.
Max CVSS
4.3
EPSS Score
33.47%
Published
2007-08-17
Updated
2018-10-15
The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, and 2701HG-T with software before 5.29.52 allows remote attackers to cause a denial of service (reboot) via a %0d%0a sequence in the page parameter to the xslt program on TCP port 50001, a related issue to CVE-2006-4523.
Max CVSS
7.8
EPSS Score
1.75%
Published
2009-11-17
Updated
2018-10-10
Cross-site request forgery (CSRF) vulnerability in the xslt script in the web-based management interface on the 2wire 1701HG, 1800HW, 2071HG, and 2700HG with firmware 3.17.5, 3.7.1, 4.25.19, or 5.29.51 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that cause a denial of service (network outage) via a page parameter with a % (percent) character followed by a non-alphanumeric character.
Max CVSS
6.8
EPSS Score
1.35%
Published
2009-04-06
Updated
2017-09-29
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.
Max CVSS
7.8
EPSS Score
3.23%
Published
2007-08-17
Updated
2018-10-15
2wire 1701HG and 2071 Gateway routers, with 5.29.51 and possibly 3.17.5 software, have a blank password by default.
Max CVSS
10.0
EPSS Score
0.36%
Published
2007-08-17
Updated
2018-10-15
Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error.
Max CVSS
4.3
EPSS Score
1.54%
Published
2004-12-31
Updated
2017-07-29
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!