CVE-2007-0435

T-com Speedport 500v - Authentication Bypass

Title source: rule

Description

T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value.

References (8)

[Vendor Advisory] http://secunia.com/advisories/23853

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/31621

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/457453/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/457645/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/457656/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/460319/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/22160

[Third Party Advisory, VDB Entry] http://osvdb.org/32995

Scores

EPSS 0.0103

EPSS Percentile 77.1%

Classification

CWE

CWE-287

Status draft

Affected Products (2)

t-com/speedport_500v

t-com/speedport_500v_firmware

Timeline

Published Jan 23, 2007

Tracked Since Feb 18, 2026