Vulnerability Description
The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, and 2701HG-T with software before 5.29.52 allows remote attackers to cause a denial of service (reboot) via a %0d%0a sequence in the page parameter to the xslt program on TCP port 50001, a related issue to CVE-2006-4523.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 2Wire | 1700Hg | All versions |
| 2Wire | 1701Hg | All versions |
| 2Wire | 1800Hw | All versions |
| 2Wire | 2071 | All versions |
| 2Wire | 2700Hg | All versions |
| 2Wire | 2701Hg-T | All versions |
Related Weaknesses (CWE)
References
- http://webvuln.com/advisories/2wire.remote.denial.of.service.txtExploit
- http://www.securityfocus.com/archive/1/507587/100/0/threaded
- http://www.securitytracker.com/id?1023116Exploit
- http://www.vupen.com/english/advisories/2009/3110Vendor Advisory
- http://webvuln.com/advisories/2wire.remote.denial.of.service.txtExploit
- http://www.securityfocus.com/archive/1/507587/100/0/threaded
- http://www.securitytracker.com/id?1023116Exploit
- http://www.vupen.com/english/advisories/2009/3110Vendor Advisory
FAQ
What is CVE-2009-3962?
CVE-2009-3962 is a vulnerability with a CVSS score of 7.8 (HIGH). The management interface on the 2wire Gateway 1700HG, 1701HG, 1800HW, 2071, 2700HG, and 2701HG-T with software before 5.29.52 allows remote attackers to cause a denial of service (reboot) via a %0d%0a...
How severe is CVE-2009-3962?
CVE-2009-3962 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-3962?
Check the references section above for vendor advisories and patch information. Affected products include: 2Wire 1700Hg, 2Wire 1701Hg, 2Wire 1800Hw, 2Wire 2071, 2Wire 2700Hg.