The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 software does not require authentication for (1) etc/config/System.html, (2) etc/config/Network.html, (3) etc/config/Security.html, (4) cgi-bin/sysconf.cgi, and (5) cgi-bin/route.cgi, which allows remote attackers to change the modem's configuration via direct requests.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-07-31T17:00:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-07-31T00:00:00
Link: CVE-2008-3411
JSON object: View
NVD Information
Status : Modified
Published: 2008-07-31T17:41:00.000
Modified: 2018-10-11T20:48:18.693
Link: CVE-2008-3411
JSON object: View
Redhat Information
No data.
CWE