Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5419

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-5419
Last Modified 15 Nov 2008 02:00:54
Published 12 Oct 2007 05:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5419

Summary

The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface.

Vulnerable Systems


References

BID - 26009

BUGTRAQ - 20071010 3Com WIFI router remote administration vulnerability.

OSVDB - 43657

SREASON - 3217


Last Updated: 27 May 2016 10:46:10