Vulnerability Description
goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka rooter) VDSL device contains a password in the typepassword field, which allows remote attackers to obtain this password by reading the HTML source, a different vulnerability than CVE-2002-1603.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Goahead Software | Fs4104-Aw Device | All versions |
| Goahead Software | Goahead Webserver | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/43168
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39149
- https://www.exploit-db.com/exploits/4744
- http://osvdb.org/43168
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39149
- https://www.exploit-db.com/exploits/4744
FAQ
What is CVE-2007-6702?
CVE-2007-6702 is a vulnerability with a CVSS score of 5.0 (MEDIUM). goform/QuickStart_c0 on the GoAhead Web Server on the FS4104-AW (aka rooter) VDSL device contains a password in the typepassword field, which allows remote attackers to obtain this password by reading...
How severe is CVE-2007-6702?
CVE-2007-6702 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-6702?
Check the references section above for vendor advisories and patch information. Affected products include: Goahead Software Fs4104-Aw Device, Goahead Software Goahead Webserver.