Strix
26.1K

CVE-2007-3787

UnknownEPSS 1.40%

Last modified

CVE-2007-3787 is a vulnerability of currently unknown severity. The eSoft InstaGate EX2 UTM device does not require entry of the old password when changing the admin password, which might allow remote attackers to gain privileges by conducting a CSRF attack, making a password change from an unattended workstation, or other attacks.. EPSS estimates a 1.40% chance of exploitation in the next 30 days.

Description

The eSoft InstaGate EX2 UTM device does not require entry of the old password when changing the admin password, which might allow remote attackers to gain privileges by conducting a CSRF attack, making a password change from an unattended workstation, or other attacks.

Metrics

EPSS Probability
1.40%

69.1th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
EsoftInstagate Ex2 Utmfirmware_3.1.20031001
EsoftInstagate Ex2 Utmfirmware_3.1.20060921
EsoftInstagate Ex2 Utmfirmware_3.1.20070605

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2007-3787?
The eSoft InstaGate EX2 UTM device does not require entry of the old password when changing the admin password, which might allow remote attackers to gain privileges by conducting a CSRF attack, making a password change from an unattended workstation, or other attacks.
How severe is CVE-2007-3787?
Severity scoring for CVE-2007-3787 is pending analysis. The EPSS model estimates a 1.40% probability of exploitation in the next 30 days.
How do I fix CVE-2007-3787?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2007-3787?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST