HIGH🇬🇧 English

CVE-2007-5419

CVSS 10.0v2.0pub. 2007-10-12upd. 2026-04-23

The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • 3com 3crwe554g72t

    HW
    3Com
    3crwer100-75
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2007-5420LOW2.6ten sam produkt

The 3Com 3CRWER100-75 router with 1.2.10ww software, when remote management is disabled but a web server has b...

CVE-2001-1291CRITICAL9.8ten sam vendor

The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers w...

CVE-2008-6395HIGH7.8ten sam vendor

The web management interface in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point allows remote attackers...

CVE-2007-3711HIGH7.5ten sam vendor

Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on TippingPoint IPS allows ...

CVE-2007-3701HIGH7.5ten sam vendor

TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) characte...