Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4389

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2007-4389
Last Modified 05 Sep 2008 05:28:07
Published 17 Aug 2007 06:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4389

Summary

Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.

Vulnerable Systems


References

XF - 2wire-xslt-csrf(36044)

BUGTRAQ - 20070815 Cross Site Request Forgery in 2wire routers

BID - 27246

SREASON - 3026


Last Updated: 27 May 2016 10:45:50