Unrated severityNVD Advisory· Published Aug 17, 2007· Updated Apr 23, 2026

CVE-2007-4389

Description

Cross-site request forgery (CSRF) vulnerability in /xslt in 2wire 1701HG, 1800HW, and 2071 Gateway routers, with 3.17.5, 3.7.1, and 5.29.51 software, allows remote attackers to create DNS mappings as administrators, and conduct DNS poisoning attacks, via the NAME and ADDR parameters.

Affected products

2wire/1701hg Router3 versions
cpe:2.3:h:2wire:1701hg_router:3.17.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:2wire:1701hg_router:3.17.5:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1701hg_router:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1701hg_router:5.29.51:*:*:*:*:*:*:*
2wire/1800hw Router3 versions
cpe:2.3:h:2wire:1800hw_router:3.17.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:2wire:1800hw_router:3.17.5:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1800hw_router:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:1800hw_router:5.29.51:*:*:*:*:*:*:*
2wire/2071 Router3 versions
cpe:2.3:h:2wire:2071_router:3.17.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:h:2wire:2071_router:3.17.5:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:2071_router:3.7.1:*:*:*:*:*:*:*
- cpe:2.3:h:2wire:2071_router:5.29.51:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000