PT-2007-3667 · Nortel · Nortel Vpn Router

Publicado

2007-04-27

Atualizado

2011-03-08

CVE-2007-2334

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Nortel VPN Router (aka Contivity) versions 1000, 2000, 4000, and 5000 before 5 05.149 Nortel VPN Router (aka Contivity) versions 5 05.3xx before 5 05.304 Nortel VPN Router (aka Contivity) versions 6.x before 6 05.140

Description The issue is related to two template HTML files that lack certain verification tags. This allows remote attackers to access the administration interface and change the device configuration via certain requests.

Recommendations For versions 1000, 2000, 4000, and 5000 before 5 05.149, update to version 5 05.149 or later. For versions 5 05.3xx before 5 05.304, update to version 5 05.304 or later. For versions 6.x before 6 05.140, update to version 6 05.140 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2334

Produtos afetados

Nortel Vpn Router

PT-2007-3667 · Nortel · Nortel Vpn Router

CVE-2007-2334

Identificadores relacionados

Produtos afetados

Referências · 8