Vulnerability Details : CVE-2007-4389
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.
Vulnerability category: Cross-site request forgery (CSRF)
Products affected by CVE-2007-4389
- cpe:2.3:h:2wire:1701hg_router:5.29.51:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1701hg_router:3.17.5:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1701hg_router:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:2071_router:5.29.51:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:2071_router:3.17.5:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:2071_router:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1800hw_router:3.17.5:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1800hw_router:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1800hw_router:5.29.51:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-4389
3.43%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-4389
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:M/Au:N/C:N/I:P/A:C |
8.6
|
7.8
|
NIST |
References for CVE-2007-4389
Jump to