CVE-2008-6449

Name of the Vulnerable Software and Affected Versions: Century Systems routers including XR-410 versions prior to 1.6.9 Century Systems routers including XR-510 versions prior to 3.5.3 Century Systems routers including XR-440 versions prior to 1.7.8 Century Systems routers including XR series routers from XR-510 to XR-730 (affected versions not specified)

Description: A cross-site request forgery (CSRF) issue allows remote attackers to modify the configuration of the router as the administrator. The exact vectors used for the attack are not specified.

Recommendations: For XR-410 versions prior to 1.6.9, update to version 1.6.9 or later. For XR-510 versions prior to 3.5.3, update to version 3.5.3 or later. For XR-440 versions prior to 1.7.8, update to version 1.7.8 or later. For XR series routers from XR-510 to XR-730, at the moment, there is no information about a newer version that contains a fix for this vulnerability.