CVE-2007-6730 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in the ZyXEL P-330W router allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote router management via goform/formRmtMgt or (2) modify the administrator password via goform/formPasswordSetup.

Reference

http://seclists.org/fulldisclosure/2007/Dec/0559.html http://secunia.com/advisories/28172 http://www.securityfocus.com/bid/27024