Vulnerabilities > CVE-2007-4389 - Cross-Site Request Forgery vulnerability in 2Wire Routers

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
COMPLETE
network
2wire
exploit available

Summary

Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.

Exploit-Db

description2Wire Routers Cross-Site Request Forgery Vulnerability. CVE-2007-4389. Remote exploit for hardware platform
idEDB-ID:31013
last seen2016-02-03
modified2008-01-15
published2008-01-15
reporterhkm
sourcehttps://www.exploit-db.com/download/31013/
title2Wire Routers - Cross-Site Request Forgery Vulnerability