← back
CVE-2007-4389

CVE-2007-4389

EPSS 2.1%
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/31013unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/3026https://exchange.xforce.ibmcloud.com/vulnerabilities/36044http://www.hakim.ws/2wire/demodns.htmlhttp://www.securityfocus.com/archive/1/476595/100/0/threadedhttp://www.securityfocus.com/bid/27246