CVE-2007-6708
Last modified
CVE-2007-6708 is a vulnerability of currently unknown severity. Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi.. EPSS estimates a 0.64% chance of exploitation in the next 30 days.
Description
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Linksys | Wag54gs | <= firmware_1.01.03 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2007-6708?
How severe is CVE-2007-6708?
How do I fix CVE-2007-6708?
Are you affected by CVE-2007-6708?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST