What is the severity of CVE-2007-2334?

CVE-2007-2334 is considered to have a high severity due to its potential for remote code execution.

How do I fix CVE-2007-2334?

To fix CVE-2007-2334, update the Nortel VPN Router to a version equal to or greater than 5_05.304 or 6_05.140.

What types of devices are affected by CVE-2007-2334?

CVE-2007-2334 affects Nortel VPN Router models 1000, 2000, 4000, and 5000 running vulnerable firmware versions.

Is there a workaround for CVE-2007-2334 if I cannot update?

While the best solution is to update, consider restricting access to the administration interface via firewall rules as a temporary workaround.

Vulnerability/
CVE-2007-2334

high

7.5

CWE

NVD-CWE-Other

27/4/2007

7/8/2024

CVE-2007-2334

First published: Fri Apr 27 2007(Updated: )

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Nortel Vpn Router 5000
Nortel Contivity	=2000_vpn_switch
Nortel Contivity	=1000_vpn_switch
Nortel Contivity	=4000_vpn_switch

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-2334?
CVE-2007-2334 is considered to have a high severity due to its potential for remote code execution.
How do I fix CVE-2007-2334?
To fix CVE-2007-2334, update the Nortel VPN Router to a version equal to or greater than 5_05.304 or 6_05.140.
What types of devices are affected by CVE-2007-2334?
CVE-2007-2334 affects Nortel VPN Router models 1000, 2000, 4000, and 5000 running vulnerable firmware versions.
Can CVE-2007-2334 allow unauthorized access to the device?
Yes, CVE-2007-2334 allows remote attackers to access the administration interface and modify device configurations.
Is there a workaround for CVE-2007-2334 if I cannot update?
While the best solution is to update, consider restricting access to the administration interface via firewall rules as a temporary workaround.

collector/nvd-historical
collector/nvd-index
agent/type
agent/references
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/remedy
agent/author
agent/last-modified-date
agent/weakness
agent/tags
agent/first-publish-date
agent/description
agent/event
agent/source
vendor/nortel
canonical/nortel vpn router 5000
canonical/nortel contivity
version/nortel contivity/2000_vpn_switch
version/nortel contivity/1000_vpn_switch
version/nortel contivity/4000_vpn_switch

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2007-2334

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-2334?

How do I fix CVE-2007-2334?

What types of devices are affected by CVE-2007-2334?

Can CVE-2007-2334 allow unauthorized access to the device?

Is there a workaround for CVE-2007-2334 if I cannot update?

Company

Resources

Contact