Vulnerability Description
The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote management is disabled but a web server has been configured, serves a web page to external clients, which might allow remote attackers to obtain information about the router's existence and product details.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 3Com | 3Crwe554G72T | 3crwer100-75 |
Related Weaknesses (CWE)
References
- http://osvdb.org/45490
- http://securityreason.com/securityalert/3217
- http://www.securityfocus.com/archive/1/481977/100/0/threaded
- http://www.securityfocus.com/bid/26009
- http://osvdb.org/45490
- http://securityreason.com/securityalert/3217
- http://www.securityfocus.com/archive/1/481977/100/0/threaded
- http://www.securityfocus.com/bid/26009
FAQ
What is CVE-2007-5420?
CVE-2007-5420 is a vulnerability with a CVSS score of 2.6 (LOW). The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote management is disabled but a web server has been configured, serves a web page to external clients, which might allow remote attackers ...
How severe is CVE-2007-5420?
CVE-2007-5420 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5420?
Check the references section above for vendor advisories and patch information. Affected products include: 3Com 3Crwe554G72T.