CVE-2005-4276

Westell Versalink 327W - Denial of Service via Land Attack

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4276. PoCs published by Justin M. Wray.

AI-analyzed exploit summary This exploit leverages a denial of service vulnerability in Westell Versalink 327W by sending malformed TCP 'LanD' packets using Hping2. The command crashes the device or disrupts network routing functionality.

Description

Westell Versalink 327W allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Justin M. Wray · textdoshardware

https://www.exploit-db.com/exploits/26834

View Code ZIP pw:eip

This exploit leverages a denial of service vulnerability in Westell Versalink 327W by sending malformed TCP 'LanD' packets using Hping2. The command crashes the device or disrupts network routing functionality.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Westell Versalink 327W

No auth needed

Prerequisites: Hping2 installed · Target device IP addresses configured

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15869

Scores

EPSS 0.0250

EPSS Percentile 82.7%

Details

Status published

Products (1)

westell/versalink 327w

Published Dec 16, 2005

Tracked Since Feb 18, 2026