CVE-2007-4389

2wire 1701HG, 1800HW, and 2071 Gateway Routers - Cross-Site Request Forgery via NAME and ADDR Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4389. PoCs published by hkm.

AI-analyzed exploit summary This exploit demonstrates a cross-site request-forgery (CSRF) vulnerability in multiple 2Wire routers, allowing an attacker to execute arbitrary actions such as changing passwords, modifying DNS settings, disabling wireless authentication, and enabling dynamic DNS without user interaction.

Description

Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by hkm · textremotehardware

https://www.exploit-db.com/exploits/31013

View Code ZIP pw:eip

This exploit demonstrates a cross-site request-forgery (CSRF) vulnerability in multiple 2Wire routers, allowing an attacker to execute arbitrary actions such as changing passwords, modifying DNS settings, disabling wireless authentication, and enabling dynamic DNS without user interaction.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: 2Wire routers (multiple models)

No auth needed

Prerequisites: Victim must be authenticated to the router's web interface · Attacker must trick the victim into visiting a malicious link

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources x_refsource_misc

http://www.hakim.ws/2wire/demodns.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/36044

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/3026

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/476595/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/27246

Scores

EPSS 0.0214

EPSS Percentile 79.6%

Details

Status published

Products (9)

2wire/1701hg_router 3.7.1

2wire/1701hg_router 3.17.5

2wire/1701hg_router 5.29.51

2wire/1800hw_router 3.7.1

2wire/1800hw_router 3.17.5

2wire/1800hw_router 5.29.51

2wire/2071_router 3.7.1

2wire/2071_router 3.17.5

2wire/2071_router 5.29.51

Published Aug 17, 2007

Tracked Since Feb 18, 2026