CVE-2009-3962

The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, and 2701HG-T with software before 5.29.52 allows remote attackers to cause a denial of service (reboot) via a %0d%0a sequence in the page parameter to the xslt program on TCP port 50001, a related issue to CVE-2006-4523.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
2wire1700hg
*
2wire1701hg
*
2wire1800hw
*
2wire2071
*
2wire2700hg
*
2wire2701hg-t
*
2wire1700hg
𝑥
≤ 5.29.51
2wire1701hg
𝑥
≤ 5.29.51
2wire1800hw
𝑥
≤ 5.29.51
2wire2071
𝑥
≤ 5.29.51
2wire2700hg
𝑥
≤ 5.29.51
2wire2701hg-t
𝑥
≤ 5.29.51
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://webvuln.com/advisories/2wire.remote.denial.of.service.txt
http://www.securityfocus.com/archive/1/507587/100/0/threaded
http://www.securitytracker.com/id?1023116
http://www.vupen.com/english/advisories/2009/3110
http://webvuln.com/advisories/2wire.remote.denial.of.service.txt
http://www.securityfocus.com/archive/1/507587/100/0/threaded
http://www.securitytracker.com/id?1023116
http://www.vupen.com/english/advisories/2009/3110