Sign-up

ID

VAR-200709-0365


CVE

CVE-2007-4733


TITLE

Aztech DSL600EU In the router Web Vulnerability connected to interface

Trust: 0.8

sources: JVNDB: JVNDB-2007-002594

DESCRIPTION

The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to CVE-1999-0077. Dsl 600Eu Router is prone to a remote security vulnerability

Trust: 1.98

sources: NVD: CVE-2007-4733 // JVNDB: JVNDB-2007-002594 // BID: 85396 // VULHUB: VHN-28095

AFFECTED PRODUCTS

vendor:aztechmodel:dsl 600eu routerscope:eqversion:*

Trust: 1.0

vendor:aztech groupmodel:dsl 600eu routerscope: - version: -

Trust: 0.8

vendor:aztechmodel:dsl 600eu routerscope: - version: -

Trust: 0.6

vendor:aztechmodel:dsl 600eu routerscope:eqversion:0

Trust: 0.3

sources: BID: 85396 // JVNDB: JVNDB-2007-002594 // CNNVD: CNNVD-200709-053 // NVD: CVE-2007-4733

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-4733
value: HIGH

Trust: 1.0

NVD: CVE-2007-4733
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200709-053
value: CRITICAL

Trust: 0.6

VULHUB: VHN-28095
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-4733
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-28095
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28095 // JVNDB: JVNDB-2007-002594 // CNNVD: CNNVD-200709-053 // NVD: CVE-2007-4733

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-28095 // JVNDB: JVNDB-2007-002594 // NVD: CVE-2007-4733

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200709-053

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-200709-053

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002594

PATCH
title:Top Pageurl:http://www.aztech.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-002594

EXTERNAL IDS
db:NVDid:CVE-2007-4733
Trust: 2.8
db:SREASONid:3093
Trust: 2.0
db:SECTRACKid:1018641
Trust: 2.0
db:OSVDBid:45877
Trust: 1.7
db:JVNDBid:JVNDB-2007-002594
Trust: 0.8
db:BUGTRAQid:20070830 AZTECH ROUTER DSL600EU IP AND ARP SPOOF
Trust: 0.6
db:CNNVDid:CNNVD-200709-053
Trust: 0.6
db:BIDid:85396
Trust: 0.4
db:VULHUBid:VHN-28095
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28095 // 
            
            
            
            BID: 85396 // 
            
            
            
            JVNDB: JVNDB-2007-002594 // 
            
            
            
            CNNVD: CNNVD-200709-053 // 
            
            
            
            NVD: CVE-2007-4733

REFERENCES
url:http://securitytracker.com/id?1018641
Trust: 2.0
url:http://securityreason.com/securityalert/3093
Trust: 2.0
url:http://osvdb.org/45877
Trust: 1.7
url:http://www.securityfocus.com/archive/1/478314/100/0/threaded
Trust: 1.1
url:http://www.securityfocus.com/archive/1/archive/1/478314/100/0/threaded
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4733
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4733
Trust: 0.8
sources:
            
            
            VULHUB: VHN-28095 // 
            
            
            
            BID: 85396 // 
            
            
            
            JVNDB: JVNDB-2007-002594 // 
            
            
            
            CNNVD: CNNVD-200709-053 // 
            
            
            
            NVD: CVE-2007-4733

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 85396

SOURCES
db:VULHUBid:VHN-28095
db:BIDid:85396
db:JVNDBid:JVNDB-2007-002594
db:CNNVDid:CNNVD-200709-053
db:NVDid:CVE-2007-4733

LAST UPDATE DATE
2025-04-10T23:21:44.220000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-28095date:2018-10-15T00:00:00
db:BIDid:85396date:2007-09-06T00:00:00
db:JVNDBid:JVNDB-2007-002594date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200709-053date:2007-09-10T00:00:00
db:NVDid:CVE-2007-4733date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-28095date:2007-09-06T00:00:00
db:BIDid:85396date:2007-09-06T00:00:00
db:JVNDBid:JVNDB-2007-002594date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200709-053date:2007-09-06T00:00:00
db:NVDid:CVE-2007-4733date:2007-09-06T19:17:00