ID

VAR-200710-0019


CVE

CVE-2007-5384


TITLE

Cross-site request forgery vulnerability in the Thomson/Alcatel SpeedTouch 7G router used in BT Home Hub

Trust: 0.8

sources: JVNDB: JVNDB-2007-002763

DESCRIPTION

Multiple cross-site request forgery (CSRF) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to perform actions as administrators via unspecified POST requests, as demonstrated by enabling an inbound remote-assistance HTTPS session on TCP port 51003. NOTE: an authentication bypass can be leveraged to exploit this in the absence of an existing administrative session. NOTE: SpeedTouch 780 might also be affected by some of these issues.

BT Home Hub and Thomson/Alcatel SpeedTouch 7G routers are prone to multiple web-interface vulnerabilities, including a cross-site request-forgery issue, a cross-site scripting issue, multiple HTML-injection issues, and multiple authentication-bypass issues. Successful exploits of many of these issues will allow an attacker to completely compromise the affected device. These issues affect the BT Home Hub and Thomson/Alcatel SpeedTouch 7G routers.

Trust: 1.98

sources: NVD: CVE-2007-5384 // JVNDB: JVNDB-2007-002763 // BID: 25972 // VULHUB: VHN-28746

AFFECTED PRODUCTS

vendor: alcatel, model: speedtouch 7g router, scope: eq, version: *

Trust: 1.0

vendor: bt, model: home hub, scope: eq, version: *

Trust: 1.0

vendor: bt, model: home hub, scope: lte, version: 6.2.6.b

Trust: 0.8

vendor: alcatel lucent, model: speedtouch 7g router, scope: -, version: -

Trust: 0.8

vendor: alcatel, model: speedtouch 7g router, scope: -, version: -

Trust: 0.6

vendor: thomson, model: tg585 router, scope: eq, version: 0

Trust: 0.3

vendor: bt, model: home hub .b, scope: eq, version: 6.2.6

Trust: 0.3

vendor: bt, model: home hub, scope: eq, version: 6.2.2.6

Trust: 0.3

vendor: bt, model: home hub, scope: eq, version: 0

Trust: 0.3

vendor: alcatel, model: speedtouch 7g, scope: -, version: -

Trust: 0.3

sources: BID: 25972 // JVNDB: JVNDB-2007-002763 // NVD: CVE-2007-5384 // CNNVD: CNNVD-200710-214

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2007-5384
value: MEDIUM

Trust: 1.8

CNNVD: CNNVD-200710-214
value: MEDIUM

Trust: 0.6

VULHUB: VHN-28746
value: MEDIUM

Trust: 0.1

NVD:
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

NVD: CVE-2007-5384
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-28746
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28746 // JVNDB: JVNDB-2007-002763 // NVD: CVE-2007-5384 // CNNVD: CNNVD-200710-214

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.9

sources: VULHUB: VHN-28746 // JVNDB: JVNDB-2007-002763 // NVD: CVE-2007-5384

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200710-214

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-200710-214

CONFIGURATIONS

sources: NVD: CVE-2007-5384

PATCH

title: Top Page, url: http://www.alcatel-lucent.com/alcatel/

Trust: 0.8

title: Top Page, url: http://www.bt.com/

Trust: 0.8

sources: JVNDB: JVNDB-2007-002763

EXTERNAL IDS

db: NVD, id: CVE-2007-5384

Trust: 2.8

db: BID, id: 25972

Trust: 2.0

db: SREASON, id: 3213

Trust: 1.7

db: JVNDB, id: JVNDB-2007-002763

Trust: 0.8

db: BUGTRAQ, id: 20071008 BT HOME FLUB: PWNIN THE BT HOME HUB

Trust: 0.6

db: CNNVD, id: CNNVD-200710-214

Trust: 0.6

db: VULHUB, id: VHN-28746

Trust: 0.1

sources: VULHUB: VHN-28746 // BID: 25972 // JVNDB: JVNDB-2007-002763 // NVD: CVE-2007-5384 // CNNVD: CNNVD-200710-214

REFERENCES

url:http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub

Trust: 2.0

url:http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/

Trust: 2.0

url:http://www.securityfocus.com/bid/25972

Trust: 1.7

url:http://securityreason.com/securityalert/3213

Trust: 1.7

url:http://www.securityfocus.com/archive/1/481835/100/0/threaded

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5384

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5384

Trust: 0.8

url:http://www.securityfocus.com/archive/1/archive/1/481835/100/0/threaded

Trust: 0.6

url:http://www.homehub.bt.com/

Trust: 0.3

url:http://www.gnucitizen.org/blog/call-jacking

Trust: 0.3

url:http://www.thomson.net/en/home/minisites/bap/telecom/subcategory.html?category=dsl%20modems

Trust: 0.3

url:/archive/1/481835

Trust: 0.3

url:/archive/1/486081

Trust: 0.3

url:/archive/1/517314

Trust: 0.3

sources: VULHUB: VHN-28746 // BID: 25972 // JVNDB: JVNDB-2007-002763 // NVD: CVE-2007-5384 // CNNVD: CNNVD-200710-214

CREDITS

Adrian Pastor; m123303@richmond.ac.uk

Trust: 0.6

sources: CNNVD: CNNVD-200710-214

SOURCES

db: VULHUB, id: VHN-28746
db: BID, id: 25972
db: JVNDB, id: JVNDB-2007-002763
db: NVD, id: CVE-2007-5384
db: CNNVD, id: CNNVD-200710-214

LAST UPDATE DATE

2023-12-18T11:01:57.148000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-28746, date: 2018-10-15T00:00:00
db: BID, id: 25972, date: 2011-04-04T20:05:00
db: JVNDB, id: JVNDB-2007-002763, date: 2012-06-26T00:00:00
db: NVD, id: CVE-2007-5384, date: 2018-10-15T21:44:14.513
db: CNNVD, id: CNNVD-200710-214, date: 2007-10-15T00:00:00

SOURCES RELEASE DATE

db: VULHUB, id: VHN-28746, date: 2007-10-12T00:00:00
db: BID, id: 25972, date: 2007-10-08T00:00:00
db: JVNDB, id: JVNDB-2007-002763, date: 2012-06-26T00:00:00
db: NVD, id: CVE-2007-5384, date: 2007-10-12T01:17:00
db: CNNVD, id: CNNVD-200710-214, date: 2007-10-11T00:00:00