The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 software does not require authentication for (1) etc/config/System.html, (2) etc/config/Network.html, (3) etc/config/Security.html, (4) cgi-bin/sysconf.cgi, and (5) cgi-bin/route.cgi, which allows remote attackers to change the modem's configuration via direct requests.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-07-31T17:00:00
Updated: 2024-08-07T09:37:26.908Z
Reserved: 2008-07-31T00:00:00
Link: CVE-2008-3411
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-07-31T17:41:00.000
Modified: 2024-11-21T00:49:11.583
Link: CVE-2008-3411
Redhat
No data.