CVE-2007-5036

AirDefense Airsensor M520 4.3.1.1 and 4.4.1.4 - Authenticated Denial of Service via Crafted HTTPS Query String


Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-5036. PoCs published by Alex Hernandez, alt3kx.

Description

Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service (HTTPS service outage) via a crafted query string in an HTTPS request to (1) adLog.cgi, (2) post.cgi, or (3) ad.cgi, related to the "files filter."

Exploits (2)

exploitdb WORKING POC VERIFIED
by Alex Hernandez · perl · dos · hardware
https://www.exploit-db.com/exploits/4426

This Perl script demonstrates a Denial of Service (DoS) and potential buffer overflow vulnerability in Airsensor M520 HTTPD by sending a crafted HTTPS request with URL-encoded payloads to specific CGI endpoints. The exploit triggers a crash in the HTTPS service, as evidenced by the provided debug logs.

Classification: Working PoC 95%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: AirDefense Airsensor M520 (Firmware Version 4.3.1.1, 4.4.1.4)
Auth required
Prerequisites: Network access to the target device · Valid credentials for authentication · DHCP disabled on the target interface
devstral-2 · analyzed Feb 16, 2026

nomisec WRITEUP
by alt3kx · poc
https://github.com/alt3kx/CVE-2007-5036

This repository references CVE-2007-5036, a vulnerability in Airsensor M520 HTTPd allowing unauthenticated remote denial of service or buffer overflow. It points to an Exploit-DB entry but contains no actual exploit code or technical details.

Classification: Writeup 80%
Attack Type: DoS
Complexity: Trivial
Reliability: Theoretical
Target: Airsensor M520 HTTPd
No auth needed
Prerequisites: Network access to the target device
devstral-2 · analyzed Feb 19, 2026

References (6)

Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4426
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25715
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3226
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36691
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26869

Scores

EPSS 0.0962
EPSS Percentile 94.9%

Details

CWE: CWE-119, CWE-20
Status: published
Products (1): airdefense/airsensor m520
Published: Sep 24, 2007
Tracked Since: Feb 18, 2026