Details of VAR-200708-0347

ID

VAR-200708-0347

CVE

CVE-2007-4389

TITLE

2Wire Routers Cross-Site Request Forgery Vulnerability

Trust: 0.9

sources: BID: 27246 // CNNVD: CNNVD-200708-280

DESCRIPTION

Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters. Multiple 2Wire routers are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to execute arbitrary actions on an affected device

Trust: 1.98

sources: NVD: CVE-2007-4389 // JVNDB: JVNDB-2007-002517 // BID: 27246 // VULHUB: VHN-27751

AFFECTED PRODUCTS

vendor:	2wire	model:	1701hg router	scope:	eq	version:	3.17.5	Trust: 2.4
vendor:	2wire	model:	1800hw router	scope:	eq	version:	3.17.5	Trust: 2.4
vendor:	2wire	model:	2071 router	scope:	eq	version:	3.17.5	Trust: 2.4
vendor:	2wire	model:	2071 router	scope:	eq	version:	3.7.1	Trust: 1.6
vendor:	2wire	model:	1800hw router	scope:	eq	version:	3.7.1	Trust: 1.6
vendor:	2wire	model:	2071 router	scope:	eq	version:	5.29.51	Trust: 1.6
vendor:	2wire	model:	1701hg router	scope:	eq	version:	3.7.1	Trust: 1.6
vendor:	2wire	model:	1800hw router	scope:	eq	version:	5.29.51	Trust: 1.6
vendor:	2wire	model:	1701hg router	scope:	eq	version:	5.29.51	Trust: 1.6
vendor:	2wire	model:	1701hg router	scope:	eq	version:	software 5.29.51	Trust: 0.8
vendor:	2wire	model:	1701hg router	scope:	eq	version:	and 3.7.1	Trust: 0.8
vendor:	2wire	model:	1800hw router	scope:	eq	version:	software 5.29.51	Trust: 0.8
vendor:	2wire	model:	1800hw router	scope:	eq	version:	and 3.7.1	Trust: 0.8
vendor:	2wire	model:	2071 router	scope:	eq	version:	software 5.29.51	Trust: 0.8
vendor:	2wire	model:	2071 router	scope:	eq	version:	and 3.7.1	Trust: 0.8
vendor:	2wire	model:	gateway	scope:	eq	version:	20715.29.51	Trust: 0.3
vendor:	2wire	model:	gateway	scope:	eq	version:	20713.17.5	Trust: 0.3
vendor:	2wire	model:	gateway	scope:	eq	version:	20713.7.1	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	eq	version:	5.29.51	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	eq	version:	3.17.5	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	eq	version:	3.7.1	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	eq	version:	5.29.51	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	eq	version:	3.17.5	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	eq	version:	3.7.1	Trust: 0.3

sources: BID: 27246 // JVNDB: JVNDB-2007-002517 // CNNVD: CNNVD-200708-280 // NVD: CVE-2007-4389

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-4389
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-4389
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200708-280
value:	HIGH
Trust: 0.6
VULHUB:	VHN-27751
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-4389
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-27751
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-27751 // JVNDB: JVNDB-2007-002517 // CNNVD: CNNVD-200708-280 // NVD: CVE-2007-4389

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-4389

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200708-280

TYPE

Design Error

Trust: 0.9

sources: BID: 27246 // CNNVD: CNNVD-200708-280

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-002517

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-27751

PATCH

title:

Top Page

url:

http://www.2wire.com/

Trust: 0.8

sources: JVNDB: JVNDB-2007-002517

EXTERNAL IDS

db:	NVD	id:	CVE-2007-4389	Trust: 2.8
db:	BID	id:	27246	Trust: 2.0
db:	SREASON	id:	3026	Trust: 1.7
db:	JVNDB	id:	JVNDB-2007-002517	Trust: 0.8
db:	XF	id:	36044	Trust: 0.6
db:	XF	id:	2	Trust: 0.6
db:	BUGTRAQ	id:	20070815 CROSS SITE REQUEST FORGERY IN 2WIRE ROUTERS	Trust: 0.6
db:	CNNVD	id:	CNNVD-200708-280	Trust: 0.6
db:	EXPLOIT-DB	id:	31013	Trust: 0.1
db:	SEEBUG	id:	SSVID-84368	Trust: 0.1
db:	VULHUB	id:	VHN-27751	Trust: 0.1

sources: VULHUB: VHN-27751 // BID: 27246 // JVNDB: JVNDB-2007-002517 // CNNVD: CNNVD-200708-280 // NVD: CVE-2007-4389

REFERENCES

url:	http://www.securityfocus.com/bid/27246	Trust: 1.7
url:	http://securityreason.com/securityalert/3026	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/476595/100/0/threaded	Trust: 1.1
url:	http://www.hakim.ws/2wire/demodns.html	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/36044	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/archive/1/476595/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4389	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4389	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/36044	Trust: 0.6
url:	http://www.2wire.com	Trust: 0.3
url:	http://blog.trendmicro.com/targeted-attack-in-mexico-dns-poisoning-via-modems/	Trust: 0.3
url:	http://www.seguridad.unam.mx/doc/?ap=tutorial&id=196	Trust: 0.3

sources: VULHUB: VHN-27751 // BID: 27246 // JVNDB: JVNDB-2007-002517 // CNNVD: CNNVD-200708-280 // NVD: CVE-2007-4389

CREDITS

hkm1hakim.ws and Eduardo Espina Garca are credited with the discovery of this vulnerability.

Trust: 0.6

sources: CNNVD: CNNVD-200708-280

SOURCES

db:	VULHUB	id:	VHN-27751
db:	BID	id:	27246
db:	JVNDB	id:	JVNDB-2007-002517
db:	CNNVD	id:	CNNVD-200708-280
db:	NVD	id:	CVE-2007-4389

LAST UPDATE DATE

2025-04-10T20:07:19.939000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-27751	date:	2018-10-15T00:00:00
db:	BID	id:	27246	date:	2008-01-31T19:57:00
db:	JVNDB	id:	JVNDB-2007-002517	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200708-280	date:	2007-08-20T00:00:00
db:	NVD	id:	CVE-2007-4389	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-27751	date:	2007-08-17T00:00:00
db:	BID	id:	27246	date:	2007-08-15T00:00:00
db:	JVNDB	id:	JVNDB-2007-002517	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200708-280	date:	2007-08-17T00:00:00
db:	NVD	id:	CVE-2007-4389	date:	2007-08-17T22:17:00