CVE-2014-6435

HIGH

Aztech ADSL DSL5018EN-DSL705EU - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-6435. PoCs published by Federick Joe P Fajardo.

AI-analyzed exploit summary This Perl script exploits a denial-of-service vulnerability in multiple Aztech routers by sending a malformed HTTP GET request to a specific path. The exploit causes the affected device to crash, resulting in a DoS condition.

Description

cgi-bin/AZ_Retrain.cgi in Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices does not check for authentication, which allows remote attackers to cause a denial of service (WAN connectivity reset) via a direct request.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Federick Joe P Fajardo · perldoshardware
https://www.exploit-db.com/exploits/39315

This Perl script exploits a denial-of-service vulnerability in multiple Aztech routers by sending a malformed HTTP GET request to a specific path. The exploit causes the affected device to crash, resulting in a DoS condition.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Aztech DSL5018EN, DSL705E, DSL705EU
No auth needed
Prerequisites: Network access to the target device · Target device must be one of the vulnerable Aztech models
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/69809

Scores

CVSS v3 7.5
EPSS 0.1998
EPSS Percentile 95.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-287
Status published
Products (3)
aztech/adsl_dsl5018en_\(1t1r\)_firmware
aztech/dsl705e_firmware
aztech/dsl705eu_firmware
Published Jan 12, 2018
Tracked Since Feb 18, 2026