CVE-2007-2649

Name of the Vulnerable Software and Affected Versions Deutsche Telekom (T-com) Speedport W 700v

Description The issue concerns the use of JavaScript delays for invalid authentication attempts to the CGI script. This allows remote attackers to bypass the delays and conduct brute-force attacks via direct calls to the authentication CGI script.

Recommendations For Deutsche Telekom (T-com) Speedport W 700v, consider restricting access to the authentication CGI script to minimize the risk of exploitation. As a temporary workaround, limit the number of authentication attempts from a single IP address within a certain time frame until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.