Описание
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:2wire:1701hg_router:3.7.1:*:*:*:*:*:*:*
cpe:2.3:h:2wire:1701hg_router:3.17.5:*:*:*:*:*:*:*
cpe:2.3:h:2wire:1701hg_router:5.29.51:*:*:*:*:*:*:*
cpe:2.3:h:2wire:1800hw_router:3.7.1:*:*:*:*:*:*:*
cpe:2.3:h:2wire:1800hw_router:3.17.5:*:*:*:*:*:*:*
cpe:2.3:h:2wire:1800hw_router:5.29.51:*:*:*:*:*:*:*
cpe:2.3:h:2wire:2071_router:3.7.1:*:*:*:*:*:*:*
cpe:2.3:h:2wire:2071_router:3.17.5:*:*:*:*:*:*:*
cpe:2.3:h:2wire:2071_router:5.29.51:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04801
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.
EPSS
Процентиль: 89%
0.04801
Низкий
7.8 High
CVSS2
Дефекты
NVD-CWE-Other