The web-based management interface in 2Wire, Inc. HomePortal and OfficePortal Series modems and routers allows remote attackers to cause a denial of service (crash) via a CRLF sequence in a GET request.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Homeportal | 2wire_inc | * | * |
| Homeportal | 2wire_inc | 100s (including) | 100s (including) |
| Homeportal | 2wire_inc | 100w (including) | 100w (including) |
| Homeportal | 2wire_inc | 1000 (including) | 1000 (including) |
| Homeportal | 2wire_inc | 1000s (including) | 1000s (including) |
| Homeportal | 2wire_inc | 1000sw (including) | 1000sw (including) |
| Homeportal | 2wire_inc | 1000w (including) | 1000w (including) |
| Homeportal | 2wire_inc | 1500w (including) | 1500w (including) |
| Officeportal | 2wire_inc | * | * |
References
- http://secunia.com/advisories/21583
- http://securityreason.com/securityalert/1489
- http://www.mexhackteam.org/prethoonker/DoS_ADV_2Wire.txt
- http://www.securityfocus.com/archive/1/443906/100/100/threaded
- http://www.securityfocus.com/bid/19634
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28578
- https://www.exploit-db.com/exploits/2246
- http://secunia.com/advisories/21583
- http://securityreason.com/securityalert/1489
- http://www.mexhackteam.org/prethoonker/DoS_ADV_2Wire.txt
- http://www.securityfocus.com/archive/1/443906/100/100/threaded
- http://www.securityfocus.com/bid/19634
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28578
- https://www.exploit-db.com/exploits/2246