CVE-2007-5419

Name of the Vulnerable Software and Affected Versions: 3Com 3CRWER100-75 router version 1.2.10ww

Description: The issue allows remote attackers to access the web management interface by setting up a virtual server on port 80, potentially exposing the router to unintended incoming traffic. This occurs when an optional virtual server is enabled without selecting specific options to restrict source IP addresses on the external interface.

Recommendations: For version 1.2.10ww, consider disabling the virtual server feature until a configuration or software update is available to restrict incoming traffic to specified IP addresses. Restrict access to the web management interface by configuring the virtual server to only accept traffic from trusted source IP addresses.