CVE-2007-2334 | Vulnerability Database | Aqua Security

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.

Affected Software

Name	Vendor	Start Version	End Version
Contivity	Nortel	1000_vpn_switch (including)	1000_vpn_switch (including)
Contivity	Nortel	2000_vpn_switch (including)	2000_vpn_switch (including)
Contivity	Nortel	4000_vpn_switch (including)	4000_vpn_switch (including)
Vpn_router_5000	Nortel	*	*

References

http://osvdb.org/35056
http://secunia.com/advisories/24962
http://www.securityfocus.com/bid/23562
http://www.securitytracker.com/id?1017943
http://www.vupen.com/english/advisories/2007/1464
http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null
http://osvdb.org/35056
http://secunia.com/advisories/24962
http://www.securityfocus.com/bid/23562
http://www.securitytracker.com/id?1017943
http://www.vupen.com/english/advisories/2007/1464
http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2334
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html