CVE-2007-4319 - The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote aut

CVE-2007-4319

Summary

The management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allows remote authenticated administrators to cause a denial of service (infinite reboot loop) via invalid configuration data. NOTE: this issue might not cross privilege boundaries, and it might be resultant from CSRF; if so, then it should not be included in CVE.

References

Vulnerable Configurations

cpe:2.3:h:zyxel:zynos:3.62:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zynos:3.62:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_2:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:zywall_2:*:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 15-10-2018 - 21:34)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:N/A:P

refmap via4

bid	25262
bugtraq	20070810 Zyxel Zywall 2 multiple vulnerabilities
misc	http://www.louhi.fi/advisory/zyxel_070810.txt
osvdb	42448
sreason	3002
xf	zywall-management-dos(35941)

Last major update

15-10-2018 - 21:34

Published

13-08-2007 - 21:17

Last modified

15-10-2018 - 21:34