[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249982

 
 

909

 
 

195748

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-0435Date: (C)2007-01-22   (M)2023-12-22


T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://www.securityfocus.com/archive/1/457453/100/0/threaded
http://www.securityfocus.com/archive/1/457645/100/0/threaded
http://www.securityfocus.com/archive/1/457656/100/0/threaded
http://www.securityfocus.com/archive/1/460319/100/0/threaded
BID-22160
SECUNIA-23853
OSVDB-32995
tcom-login-authentication-bypass(31621)

CPE    2
cpe:/h:t-com:speedport_500v:-
cpe:/o:t-com:speedport_500v_firmware:1.31
CWE    1
CWE-287

© SecPod Technologies