CVE-2009-3962

Exploit

EPSS 3.96%
Published 17.11.2009 18:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, and 2701HG-T with software before 5.29.52 allows remote attackers to cause a denial of service (reboot) via a %0d%0a sequence in the page parameter to the xslt program on TCP port 50001, a related issue to CVE-2006-4523.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

2wire ≫ 1700hg

2wire ≫ 1701hg

2wire ≫ 1800hw

2wire ≫ 2071

2wire ≫ 2700hg

2wire ≫ 2701hg-t

2wire ≫ 1700hg Version <= 5.29.51

2wire ≫ 1701hg Version <= 5.29.51

2wire ≫ 1800hw Version <= 5.29.51

2wire ≫ 2071 Version <= 5.29.51

2wire ≫ 2700hg Version <= 5.29.51

2wire ≫ 2701hg-t Version <= 5.29.51

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.96%	0.872

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://webvuln.com/advisories/2wire.remote.denial.of.service.txt

Exploit

http://www.securityfocus.com/archive/1/507587/100/0/threaded

http://www.securitytracker.com/id?1023116

Exploit

http://www.vupen.com/english/advisories/2009/3110

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2009-3962

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-3962

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-3962

EUVD