Lucene search

[email protected]CVE-2007-0435

HistoryJan 23, 2007 - 2:28 a.m.

CVE-2007-0435

2007-01-2302:28:00

CWE-287

[email protected]

web.nvd.nist.gov

t-com

speedport 500v

firmware

authentication bypass

remote attackers

nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.069 Low

EPSS

Percentile

93.8%

JSON

T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value.

CPENameOperatorVersion
t-com:speedport_500vt-com speedport 500veq-
t-com:speedport_500v_firmwaret-com speedport 500v firmwareeq1.31

CPE	Name	Operator	Version
t-com:speedport_500v	t-com speedport 500v	eq	-
t-com:speedport_500v_firmware	t-com speedport 500v firmware	eq	1.31

References

osvdb.org/32995

secunia.com/advisories/23853

www.securityfocus.com/archive/1/457453/100/0/threaded

www.securityfocus.com/archive/1/457645/100/0/threaded

www.securityfocus.com/archive/1/457656/100/0/threaded

www.securityfocus.com/archive/1/460319/100/0/threaded

www.securityfocus.com/bid/22160

exchange.xforce.ibmcloud.com/vulnerabilities/31621

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.069 Low

EPSS

Percentile

93.8%

JSON

Related for CVE-2007-0435

securityvulns1 prion1