CVE-2007-4387

2wire 1701HG and 2071 Gateway Routers - Cross-Site Request Forgery in /xslt

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4387. Includes Metasploit module auxiliary/admin/2wire/xslt_password_reset.

AI-analyzed exploit summary This Metasploit module exploits a CSRF vulnerability in 2Wire routers to reset the admin password without authentication. It interacts with the /xslt endpoint to gather device information and then submits a password reset request.

Description

Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG and 2071 Gateway routers, with 3.17.5 and 5.29.51 software, allows remote attackers to perform certain configuration changes as administrators.

Exploits (1)

metasploit WORKING POC

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/2wire/xslt_password_reset.rb

View Code ZIP pw:eip

This Metasploit module exploits a CSRF vulnerability in 2Wire routers to reset the admin password without authentication. It interacts with the /xslt endpoint to gather device information and then submits a password reset request.

Classification

Working Poc 100%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: 2Wire wireless routers (version 5.x)

No auth needed

Prerequisites: Network access to the target router · Router must be a 2Wire model with vulnerable firmware

MITRE ATT&CK