Cross-Site Request Forgery in ZyXEL P-330W Router Management Interface
CVE-2007-6730

Currently unrated

Key Information:

Vendor: Zyxel
Status: P-330w Router
Vendor: CVE Published:; 10 September 2009

Summary

The ZyXEL P-330W router has multiple vulnerabilities within its web management interface that expose it to cross-site request forgery (CSRF) attacks. This allows an attacker to execute unauthorized actions by hijacking the authentication of a router's administrator. Specifically, attackers can enable remote management features or alter the administrator password, potentially compromising the router's security. It is crucial for users to investigate these vulnerabilities and apply appropriate security measures to protect their devices.

References

http://www.securityfocus.com/bid/27024

vdb-entryx_refsource_BID

http://secunia.com/advisories/28172

third-party-advisoryx_refsource_SECUNIA

http://seclists.org/fulldisclosure/2007/Dec/0559.html

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Sep 10, 2009
Vulnerability Reserved
Sep 9, 2009