Title: 2Wire Routers Cross-Site Request Forgery Vulnerability
Severity: MODERATE
Description:
2Wire routers are network devices designed for home and small-office setups.
Multiple 2Wire routers are prone to a cross-site request-forgery vulnerability. Attackers exploit this issue by tricking a victim into visiting a malicious web page. The page will consist of specially crafted 'xslt' requests designed to perform some action on the attacker's behalf.
An attacker can exploit this issue to perform DNS-poisoning attacks through the 'NAME' and 'ADDR' parameters. The attacker may also be able to modify password settings on the vulnerable device. Other attacks are also possible.
A successful attack will result in a remote compromise of the affected device, potentially aiding in further attacks.
Affected Products:
- 2Wire 1701HG 3.17.5
- 2Wire 1701HG 3.7.1
- 2Wire 1701HG 5.29.51
- 2Wire 1800HW 3.17.5
- 2Wire 1800HW 3.7.1
- 2Wire 1800HW 5.29.51
- 2Wire 2071 Gateway 3.17.5
- 2Wire 2071 Gateway 3.7.1
- 2Wire 2071 Gateway 5.29.51
References:
- 2wire: 2wire Homepage
- DSC/UNAM-CERT DGSCA: Vulnerabilidad de autenticación en ruteadores 2Wire
- Trend Micro: Targeted Attack in Mexico: DNS Poisoning via Modems
- hkm hakim ws: Cross Site Request Forgery in 2wire routers
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
