Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5383

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-5383
Last Modified 11 Oct 2008 12:00:00
Published 11 Oct 2007 09:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5383

Summary

The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues.

Vulnerable Systems


References

XF - bthomehub-cgib-auth-bypass(41271)

MISC - http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/

BID - 25972

BUGTRAQ - 20080301 The Router Hacking Challenge is Over!

BUGTRAQ - 20071008 BT Home Flub: Pwnin the BT Home Hub

MISC - http://www.gnucitizen.org/projects/router-hacking-challenge/

MISC - http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/

MISC - http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub

SREASON - 3213


Last Updated: 27 May 2016 10:46:10