Details of VAR-200908-0534

ID

VAR-200908-0534

TITLE

2Wire Router Malicious Request Password Reset Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2009-4239

DESCRIPTION

2Wire HomePortal and OfficePortal are both small router devices from 2Wire. The 2Wire web interface does not properly validate the page=CD35_SETUP_01 request parameter submitted by the user to the xslt script. If the remote attacker submits a very long password1 parameter of more than 512 characters, the password can be reset and the new password will be prompted the next time you log in to the router. Multiple 2Wire routers are prone to an access-validation vulnerability because they fail to adequately authenticate users before performing certain actions. Unauthenticated attackers can leverage this issue to change the router's administrative password. Successful attacks will completely compromise affected devices. 2Wire routers prior to Firmware version 5.29.135.5 are vulnerable

Trust: 0.81

sources: CNVD: CNVD-2009-4239 // BID: 36031

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2009-4239

AFFECTED PRODUCTS

vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	2wire	model:	gateway	scope:	eq	version:	20715.29.51	Trust: 0.3
vendor:	2wire	model:	gateway	scope:	eq	version:	20713.17.5	Trust: 0.3
vendor:	2wire	model:	gateway	scope:	eq	version:	20713.7.1	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	eq	version:	5.29.51	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	eq	version:	4.25.19	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	eq	version:	3.17.5	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	eq	version:	3.7.1	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	eq	version:	5.29.51	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	eq	version:	4.25.19	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	eq	version:	3.17.5	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	eq	version:	3.7.1	Trust: 0.3
vendor:	2wire	model:	gateway	scope:	ne	version:	20715.29.135.5	Trust: 0.3
vendor:	2wire	model:	1800hw	scope:	ne	version:	5.29.135.5	Trust: 0.3
vendor:	2wire	model:	1701hg	scope:	ne	version:	5.29.135.5	Trust: 0.3

sources: CNVD: CNVD-2009-4239 // BID: 36031

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2009-4239
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2009-4239
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2009-4239

THREAT TYPE

network

Trust: 0.3

sources: BID: 36031

TYPE

Access Validation Error

Trust: 0.3

sources: BID: 36031

PATCH

title:

\302\240\302\240\302\240\302\240\302\240Patch for 2Wire Router Malicious Request Password Reset Vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/43171

Trust: 0.6

sources: CNVD: CNVD-2009-4239

EXTERNAL IDS

db:	BID	id:	36031	Trust: 0.9
db:	CNVD	id:	CNVD-2009-4239	Trust: 0.6

sources: CNVD: CNVD-2009-4239 // BID: 36031

REFERENCES

url:	http://www.2wire.com	Trust: 0.3
url:	/archive/1/505694	Trust: 0.3

sources: BID: 36031

CREDITS

hkm

Trust: 0.3

sources: BID: 36031

SOURCES

db:	CNVD	id:	CNVD-2009-4239
db:	BID	id:	36031

LAST UPDATE DATE

2022-05-17T01:49:19.259000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2009-4239	date:	2014-02-18T00:00:00
db:	BID	id:	36031	date:	2009-08-21T15:56:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2009-4239	date:	2009-08-12T00:00:00
db:	BID	id:	36031	date:	2009-08-12T00:00:00