CVE-2007-4733

high

Description

The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to CVE-1999-0077.

References

http://www.securityfocus.com/archive/1/478314/100/0/threaded

http://securitytracker.com/id?1018641

http://securityreason.com/securityalert/3093

http://osvdb.org/45877

Details

Source: Mitre, NVD

Published: 2007-09-06

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

EPSS

EPSS: 0.00661