CVE-2014-6435

Name of the Vulnerable Software and Affected Versions Aztech ADSL DSL5018EN (1T1R) version not specified Aztech ADSL DSL705E version not specified Aztech ADSL DSL705EU version not specified

Description The issue is related to the cgi-bin/AZ Retrain.cgi endpoint, which does not check for authentication. This allows remote attackers to cause a denial of service, specifically a WAN connectivity reset, by sending a direct request to this endpoint.

Recommendations For Aztech ADSL DSL5018EN (1T1R), consider restricting access to the cgi-bin/AZ Retrain.cgi endpoint until a fix is available. For Aztech ADSL DSL705E, consider restricting access to the cgi-bin/AZ Retrain.cgi endpoint until a fix is available. For Aztech ADSL DSL705EU, consider restricting access to the cgi-bin/AZ Retrain.cgi endpoint until a fix is available.