CVE-2014-8657

Compal Broadband Networks CH6640E and CG6640E Wireless Gateway 1.0 - Denial of Service via wirelessChannelStatus.html

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8657. PoCs published by LiquidWorm.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in CBN CH6640E/CG6640E Wireless Gateway, including authorization bypass via cookie manipulation, DoS via a specific GET request, stored XSS via cookie injection, and CSRF for various configuration changes. The PoC provides clear examples of exploit URLs and payloads.

Description

The Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway 1.0 with firmware CH6640-3.5.11.7-NOSH allows remote attackers to cause a denial of service (disconnect all wifi clients) via a request to wirelessChannelStatus.html.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/35075

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in CBN CH6640E/CG6640E Wireless Gateway, including authorization bypass via cookie manipulation, DoS via a specific GET request, stored XSS via cookie injection, and CSRF for various configuration changes. The PoC provides clear examples of exploit URLs and payloads.

Classification

Working Poc 90%

Attack Type

Auth Bypass | Dos | Xss | Csrf | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Compal Broadband Networks CH6640E/CG6640E Wireless Gateway (Firmware CH6640-3.5.11.7-NOSH)

No auth needed

Prerequisites: Network access to the target device · Ability to send HTTP requests to the device

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit x_refsource_misc

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5203.php

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/98330

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/35075

Exploit x_refsource_misc

http://packetstormsecurity.com/files/128860/CBN-CH6640E-CG6640E-Wireless-Gateway-XSS-CSRF-DoS-Disclosure.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/show/osvdb/113838

Scores

EPSS 0.0676

EPSS Percentile 93.1%

Details

CWE

CWE-16

Status published

Products (3)

compal_broadband_networks/cg6640e_wireless_gateway 1.0

compal_broadband_networks/ch664oe_wireless_gateway 1.0

compal_broadband_networks/firmware ch6640-3.5.11.7-nosh

Published Nov 06, 2014

Tracked Since Feb 18, 2026