Denial of Service Vulnerability in Zyxel Zywall 2 Management Interface
CVE-2007-4319

Currently unrated

Key Information:

Vendor: Zyxel
Status: Zynos; Zywall 2
Vendor: CVE Published:; 13 August 2007

Summary

The Zywall 2 device, running ZyNOS firmware version 3.62(WK.6), is susceptible to a Denial of Service condition due to improper handling of configuration data. Remote authenticated administrators can inadvertently trigger an infinite reboot loop by providing invalid settings through the management interface. This flaw may arise from Cross-Site Request Forgery (CSRF) issues, leading to potential security ramifications if exploited. Timely updates and correct configuration practices are essential to mitigate this risk.

References

http://www.louhi.fi/advisory/zyxel_070810.txt

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/35941

vdb-entryx_refsource_XF

http://osvdb.org/42448

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Aug 13, 2007
Vulnerability Reserved
Aug 13, 2007