CVE-2007-6730

Currently unrated

Key Information:

Vendor: Zyxel
Status: P-330w Router
Vendor: CVE Published:; 10 September 2009

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote router management via goform/formRmtMgt or (2) modify the administrator password via goform/formPasswordSetup.

References

http://www.securityfocus.com/bid/27024

vdb-entryx_refsource_BID

http://secunia.com/advisories/28172

third-party-advisoryx_refsource_SECUNIA

http://seclists.org/fulldisclosure/2007/Dec/0559.html

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Sep 10, 2009
Vulnerability Reserved
Sep 9, 2009