CVE-2006-4523

2Wire HomePortal and OfficePortal - Denial of Service via CRLF Sequence in GET Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-4523. PoCs published by preth00nker.

AI-analyzed exploit summary This PoC exploits a DoS vulnerability in 2Wire gateways by sending a malformed HTTP request with a crafted query string, causing the modem to reset. The exploit constructs a malicious GET request and sends it to the target device.

Description

The web-based management interface in 2Wire, Inc. HomePortal and OfficePortal Series modems and routers allows remote attackers to cause a denial of service (crash) via a CRLF sequence in a GET request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by preth00nker · c++doshardware

https://www.exploit-db.com/exploits/2246

View Code ZIP pw:eip

This PoC exploits a DoS vulnerability in 2Wire gateways by sending a malformed HTTP request with a crafted query string, causing the modem to reset. The exploit constructs a malicious GET request and sends it to the target device.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: 2Wire OfficePortal and HomePortal series (various models)

No auth needed

Prerequisites: Network access to the target device · Target device must be a vulnerable 2Wire gateway

MITRE ATT&CK