VAR-200707-0349
Vulnerability from variot - Updated: 2025-04-10 20:56Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter. (1) c4_trap_ip_ Parameters (2) devname Parameters (3) snmp_getcomm Parameters (4) snmp_setcomm Parameters. Attackers may exploit this issue by enticing victims into opening a malicious URI. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected device. This may help the attacker steal cookie-based authentication credentials, cause denial-of-service conditions, and launch other attacks. Successful exploits will allow script code to be stored persistently in the affected device. Linksys Wireless-G ADSL Gateway WAG54GS running firmware V1.00.06 is reported vulnerable. Linksys WAG54GS is a wireless ADSL router launched by Cisco. Linksys WAG54GS has an input validation vulnerability when processing user requests. If an attacker visits the router's configuration page and submits a malicious HTTP request, a cross-site scripting attack can be performed.
2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published
How do you know which Secunia advisories are important to you?
The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively.
Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv
TITLE: Linksys WAG54GS Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities
SECUNIA ADVISORY ID: SA27738
VERIFY ADVISORY: http://secunia.com/advisories/27738/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE:
From remote
OPERATING SYSTEM: Linksys WAG54GS Wireless-G ADSL Gateway with SpeedBooster 1.x http://secunia.com/product/16625/
DESCRIPTION: Adrian Pastor has reported some vulnerabilities in Linksys WAG54GS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
1) Input passed to the "devname", "snmp_getcomm", "snmp_setcomm", and "c4_trap_ip_" parameters in setup.cgi is not properly sanitised before being returned to the user.
2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to e.g. perform certain administrative actions by enticing a logged-in administrator to visit a malicious site.
The vulnerabilities are reported in firmware version 1.00.06. Other versions may also be affected.
SOLUTION: Vulnerability #1 has reportedly been fixed in firmware version 1.01.03.
Do not browse untrusted websites or follow untrusted links while logged on to the device.
PROVIDED AND/OR DISCOVERED BY: Adrian Pastor
ORIGINAL ADVISORY: http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wag54gs",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.00.06"
},
{
"model": "wag54gs",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.00.06"
},
{
"model": "wireless-g adsl gateway wag54gs",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.0.6"
}
],
"sources": [
{
"db": "BID",
"id": "24682"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
},
{
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:linksys:wag54gs",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adrian Pastor\u203b m123303@richmond.ac.uk",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3574",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2007-3574",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-26936",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-3574",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2007-3574",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200707-072",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-26936",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26936"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
},
{
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter. (1) c4_trap_ip_ Parameters (2) devname Parameters (3) snmp_getcomm Parameters (4) snmp_setcomm Parameters. \nAttackers may exploit this issue by enticing victims into opening a malicious URI. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected device. This may help the attacker steal cookie-based authentication credentials, cause denial-of-service conditions, and launch other attacks. \nSuccessful exploits will allow script code to be stored persistently in the affected device. \nLinksys Wireless-G ADSL Gateway WAG54GS running firmware V1.00.06 is reported vulnerable. Linksys WAG54GS is a wireless ADSL router launched by Cisco. Linksys WAG54GS has an input validation vulnerability when processing user requests. If an attacker visits the router\u0027s configuration page and submits a malicious HTTP request, a cross-site scripting attack can be performed. \n\n----------------------------------------------------------------------\n\n2003: 2,700 advisories published\n2004: 3,100 advisories published\n2005: 4,600 advisories published\n2006: 5,300 advisories published\n\nHow do you know which Secunia advisories are important to you?\n\nThe Secunia Vulnerability Intelligence Solutions allows you to filter\nand structure all the information you need, so you can address issues\neffectively. \n\nGet a free trial of the Secunia Vulnerability Intelligence Solutions:\nhttp://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv\n\n----------------------------------------------------------------------\n\nTITLE:\nLinksys WAG54GS Cross-Site Scripting and Cross-Site Request Forgery\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA27738\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27738/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nLinksys WAG54GS Wireless-G ADSL Gateway with SpeedBooster 1.x\nhttp://secunia.com/product/16625/\n\nDESCRIPTION:\nAdrian Pastor has reported some vulnerabilities in Linksys WAG54GS,\nwhich can be exploited by malicious people to conduct cross-site\nscripting and cross-site request forgery attacks. \n\n1) Input passed to the \"devname\", \"snmp_getcomm\", \"snmp_setcomm\", and\n\"c4_trap_ip_\" parameters in setup.cgi is not properly sanitised before\nbeing returned to the user. \n\n2) The application allows users to perform certain actions via HTTP\nrequests without performing any validity checks to verify the\nrequest. This can be exploited to e.g. perform certain administrative\nactions by enticing a logged-in administrator to visit a malicious\nsite. \n\nThe vulnerabilities are reported in firmware version 1.00.06. Other\nversions may also be affected. \n\nSOLUTION:\nVulnerability #1 has reportedly been fixed in firmware version\n1.01.03. \n\nDo not browse untrusted websites or follow untrusted links while\nlogged on to the device. \n\nPROVIDED AND/OR DISCOVERED BY:\nAdrian Pastor\n\nORIGINAL ADVISORY:\nhttp://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3574"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"db": "BID",
"id": "24682"
},
{
"db": "VULHUB",
"id": "VHN-26936"
},
{
"db": "PACKETSTORM",
"id": "61204"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26936",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26936"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3574",
"trust": 2.8
},
{
"db": "BID",
"id": "24682",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "27738",
"trust": 1.2
},
{
"db": "OSVDB",
"id": "40877",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "40878",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20080301 THE ROUTER HACKING CHALLENGE IS OVER!",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200707-072",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "30254",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-83687",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-26936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "61204",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26936"
},
{
"db": "BID",
"id": "24682"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"db": "PACKETSTORM",
"id": "61204"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
},
{
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"id": "VAR-200707-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26936"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T20:56:56.236000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linksys",
"trust": 0.8,
"url": "http://home.cisco.com/en-apac/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26936"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/24682"
},
{
"trust": 1.7,
"url": "http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs/"
},
{
"trust": 1.7,
"url": "http://www.gnucitizen.org/projects/router-hacking-challenge/"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/24682.html"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/27738/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://osvdb.org/40877"
},
{
"trust": 1.1,
"url": "http://osvdb.org/40878"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3574"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3574"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded"
},
{
"trust": 0.4,
"url": "http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs"
},
{
"trust": 0.3,
"url": "http://www.linksys.com"
},
{
"trust": 0.3,
"url": "/archive/1/484002"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16625/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/38/vi/?ref=secadv"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26936"
},
{
"db": "BID",
"id": "24682"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"db": "PACKETSTORM",
"id": "61204"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
},
{
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-26936"
},
{
"db": "BID",
"id": "24682"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"db": "PACKETSTORM",
"id": "61204"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
},
{
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-05T00:00:00",
"db": "VULHUB",
"id": "VHN-26936"
},
{
"date": "2007-06-27T00:00:00",
"db": "BID",
"id": "24682"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"date": "2007-11-27T02:10:48",
"db": "PACKETSTORM",
"id": "61204"
},
{
"date": "2007-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-072"
},
{
"date": "2007-07-05T20:30:00",
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-26936"
},
{
"date": "2007-11-21T00:34:00",
"db": "BID",
"id": "24682"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004075"
},
{
"date": "2007-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-072"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2007-3574"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Linksys WAG54GS Wireless-G ADSL Gateway Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004075"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-072"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…