CVE-2008-6605

2wire 1701HG 1800HW 2071HG 2700HG - Cross-Site Request Forgery via XSLT Script

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6605. PoCs published by hkm.

AI-analyzed exploit summary This exploit demonstrates a Denial of Service (DoS) vulnerability in 2Wire routers by sending malformed requests to the `/xslt` endpoint with non-alphanumeric characters. The DSL connection drops upon receiving such requests, affecting multiple router models and firmware versions.

Description

Cross-site request forgery (CSRF) vulnerability in the xslt script in the web-based management interface on the 2wire 1701HG, 1800HW, 2071HG, and 2700HG with firmware 3.17.5, 3.7.1, 4.25.19, or 5.29.51 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that cause a denial of service (network outage) via a page parameter with a % (percent) character followed by a non-alphanumeric character.

Exploits (1)

exploitdb WORKING POC VERIFIED
by hkm · textdoshardware
https://www.exploit-db.com/exploits/7060

This exploit demonstrates a Denial of Service (DoS) vulnerability in 2Wire routers by sending malformed requests to the `/xslt` endpoint with non-alphanumeric characters. The DSL connection drops upon receiving such requests, affecting multiple router models and firmware versions.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: 2Wire Router DSL (Models: 1701HG, 1800HW, 2071HG, 2700HG Gateway; Firmware: v3.17.5, 3.7.1, 4.25.19, 5.29.51)
No auth needed
Prerequisites: Network access to the vulnerable router
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/32211
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/49835
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46537
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7060

Scores

EPSS 0.0094
EPSS Percentile 56.1%

Details

CWE
CWE-352
Status published
Products (16)
2wire/1701hg 3.7.1
2wire/1701hg 3.17.5
2wire/1701hg 4.25.19
2wire/1701hg 5.29.51
2wire/1800hw 3.7.1
2wire/1800hw 3.17.5
2wire/1800hw 4.25.19
2wire/1800hw 5.29.51
2wire/2071hg 3.7.1
2wire/2071hg 3.17.5
... and 6 more
Published Apr 06, 2009
Tracked Since Feb 18, 2026