CVE-2007-4317

Currently unrated

Key Information:

Vendor: Zyxel
Status: Zynos; Zywall 2
Vendor: CVE Published:; 13 August 2007

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters.

References

http://www.louhi.fi/advisory/zyxel_070810.txt

x_refsource_MISC

http://www.securityfocus.com/archive/1/476031/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://osvdb.org/37670

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Aug 13, 2007
Vulnerability Reserved
Aug 13, 2007