CyberSec.Space Logo
Back to CVE Browser

CVE-2008-3411

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile31.99th
PublishedJul 31, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

The Axesstel AXW-D800 modem with D2_ETH_109_01_VEBR Jun-14-2006 software does not require authentication for (1) etc/config/System.html, (2) etc/config/Network.html, (3) etc/config/Security.html, (4) cgi-bin/sysconf.cgi, and (5) cgi-bin/route.cgi, which allows remote attackers to change the modem's configuration via direct requests.

Affected Platforms (CPE)

πŸ”Œ
Axesstel

Akw D800

= d2_eth_109_01_vebr

References & Advisories

πŸ”— http://secunia.com/advisories/31285
πŸ”— http://securityreason.com/securityalert/4089
πŸ”— http://www.securityfocus.com/archive/1/494815/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/30404
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44044
πŸ”— http://secunia.com/advisories/31285
πŸ”— http://securityreason.com/securityalert/4089
πŸ”— http://www.securityfocus.com/archive/1/494815/100/0/threaded

Related Vulnerabilities

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-252810.0

Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and Advanced Edition 4.5 HF2 and earlier all...