CVE-2009-3962

Exploit

EPSS 3.96%
Veröffentlicht 17.11.2009 18:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, and 2701HG-T with software before 5.29.52 allows remote attackers to cause a denial of service (reboot) via a %0d%0a sequence in the page parameter to the xslt program on TCP port 50001, a related issue to CVE-2006-4523.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

2wire ≫ 1700hg

2wire ≫ 1701hg

2wire ≫ 1800hw

2wire ≫ 2071

2wire ≫ 2700hg

2wire ≫ 2701hg-t

2wire ≫ 1700hg Version <= 5.29.51

2wire ≫ 1701hg Version <= 5.29.51

2wire ≫ 1800hw Version <= 5.29.51

2wire ≫ 2071 Version <= 5.29.51

2wire ≫ 2700hg Version <= 5.29.51

2wire ≫ 2701hg-t Version <= 5.29.51

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.96%	0.872

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://webvuln.com/advisories/2wire.remote.denial.of.service.txt

Exploit

http://www.securityfocus.com/archive/1/507587/100/0/threaded

http://www.securitytracker.com/id?1023116

Exploit

http://www.vupen.com/english/advisories/2009/3110

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2009-3962

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-3962

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-3962

EUVD