CVE-2007-5027

LevelOne WBR3404TX R1.94p0vTIG - Cross-Site Scripting via DD or DU Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5027. PoCs published by azizov.

AI-analyzed exploit summary The exploit describes multiple cross-site scripting (XSS) vulnerabilities in the LevelOne WBR3404TX Broadband Router's web management panel. The vulnerabilities arise due to insufficient sanitization of user-supplied input in the 'ddns' CGI script.

Description

Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/ddns in the web management panel for the WBR3404TX broadband router with firmware R1.94p0vTIG allow remote attackers to inject arbitrary web script or HTML via the (1) DD or (2) DU parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by azizov · textwebappscgi
https://www.exploit-db.com/exploits/30597

The exploit describes multiple cross-site scripting (XSS) vulnerabilities in the LevelOne WBR3404TX Broadband Router's web management panel. The vulnerabilities arise due to insufficient sanitization of user-supplied input in the 'ddns' CGI script.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: LevelOne WBR3404TX Broadband Router firmware version R1.94p0vTIG
No auth needed
Prerequisites: Access to the router's web management panel
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25738
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/479994/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38886
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36696
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3159

Scores

EPSS 0.0437
EPSS Percentile 89.1%

Details

CWE
CWE-79
Status published
Products (1)
level_one/wbr3404tx
Published Sep 21, 2007
Tracked Since Feb 18, 2026