CVE-2009-3962

Name of the Vulnerable Software and Affected Versions 2wire Gateway versions prior to 5.29.52

Description The management interface allows remote attackers to cause a denial of service, resulting in a reboot, by sending a %0d%0a sequence in the page parameter to the xslt program on TCP port 50001.

Recommendations For versions prior to 5.29.52, update to version 5.29.52 or later to resolve the issue. As a temporary workaround, consider restricting access to the xslt program on TCP port 50001 to minimize the risk of exploitation. Avoid using the page parameter in the affected API endpoint until the issue is resolved.