This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to exploit a cross-site request-forgery vulnerability with a 2Wire router which could result in automatic re-configuration to the router.
2Wire routers are network devices designed for home and small-office setups.
Multiple 2Wire routers are prone to a cross-site request-forgery vulnerability. Attackers exploit this issue by tricking a victim into visiting a malicious web page. The page will consist of specially crafted 'xslt' requests designed to perform some action on the attacker's behalf.
An attacker can exploit this issue to perform DNS-poisoning attacks through the 'NAME' and 'ADDR' parameters. The attacker may also be able to modify password settings on the vulnerable device. Other attacks are also possible.
A successful attack will result in a remote compromise of the affected device, potentially aiding in further attacks.
- 2Wire 1701HG 3.7.1, 3.17.5, 5.29.51
- 2Wire 1800HW 3.7.1, 3.17.5, 5.29.51
- 2Wire 2071 Gateway 3.7.1, 3.17.5, 5.29.51