3 matches found
CVE-2007-4387
CVE-2007-4387 affects 2Wire routers (1701HG, 2071) with software versions 3.17.5/5.29.51. The flaw is a cross-site request forgery on the /xslt page that allows an attacker to perform configuration changes as an administrator. Related public material (PacketStorm, Metasploit module) confirms a CS...
CVE-2007-4388
The provided connected documents confirm a vulnerability in 2wire 1701HG and 2071 Gateway routers running software 5.29.51 (and possibly 3.17.5), where a blank password is set by default. This implies potential unauthorized access to router management/settings if default credentials are not chang...
CVE-2007-4389
CVE-2007-4389 affects 2wire gateways (models 1701HG, 1800HW, 2071) with firmware 3.17.5, 3.7.1, and 5.29.51. A CSRF flaw in /xslt allows remote attackers to create DNS mappings as administrators, enabling DNS poisoning via NAME and ADDR parameters. The sources describe the affected products and t...