7.8
CVE-2007-4389
- EPSS 4.23%
- Veröffentlicht 17.08.2007 22:17:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
2wire ≫ 1701hg Router Version3.7.1
2wire ≫ 1701hg Router Version3.17.5
2wire ≫ 1701hg Router Version5.29.51
2wire ≫ 1800hw Router Version3.7.1
2wire ≫ 1800hw Router Version3.17.5
2wire ≫ 1800hw Router Version5.29.51
2wire ≫ 2071 Router Version3.7.1
2wire ≫ 2071 Router Version3.17.5
2wire ≫ 2071 Router Version5.29.51
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.23% | 0.881 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 8.6 | 7.8 |
AV:N/AC:M/Au:N/C:N/I:P/A:C
|