Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2007-5383
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-12 Oct, 2007 | 01:17
Updated At-23 Apr, 2026 | 00:35

The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Alcatel-Lucent Enterprise (ALE International)
alcatel
>>speedtouch_7g_router>>*
cpe:2.3:h:alcatel:speedtouch_7g_router:*:*:*:*:*:*:*:*
bt
bt
>>home_hub>>Versions up to 6.2.6.b(inclusive)
cpe:2.3:h:bt:home_hub:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE ID: CWE-287
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://securityreason.com/securityalert/3213cve@mitre.org
N/A
http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hubcve@mitre.org
N/A
http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/cve@mitre.org
Exploit
http://www.gnucitizen.org/projects/router-hacking-challenge/cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/481835/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/archive/1/489009/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/25972cve@mitre.org
Exploit
http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/41271cve@mitre.org
N/A
http://securityreason.com/securityalert/3213af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hubaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.gnucitizen.org/projects/router-hacking-challenge/af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/481835/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/489009/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/25972af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/41271af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://securityreason.com/securityalert/3213
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.gnucitizen.org/projects/router-hacking-challenge/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/481835/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/489009/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/25972
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/41271
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securityreason.com/securityalert/3213
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.gnucitizen.org/projects/router-hacking-challenge/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/481835/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/489009/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/25972
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/41271
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found