VAR-200803-0166
Vulnerability from variot - Updated: 2025-04-10 21:54

Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.

Note on the aggregated text: the FormMail paragraph below appears to come from the Matt Wright FormMail entries listed among this record's sources (BID 2079 and BID 2080). It describes a different product and a different weakness class from the WRT300N issue tracked as CVE-2008-1243, so its command-execution impact should not be attributed to the router when triaging this record.

A web server can use a remote site's FormMail script without authorization, using remote system resources or exploiting other vulnerabilities in the script. For example, this issue can be used to exploit BID 2079, "Matt Wright FormMail Remote Command Execution Vulnerability". FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user. User-supplied data (from the "recipient" hidden field) is passed to a Perl OPEN function without proper input verification, allowing the use of the command separation shell metacharacter (;) to execute arbitrary commands on the remote host. Consequences could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities.

WRT300N is prone to a cross-site scripting vulnerability.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200803-0166",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt300n",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": "*"
},
{
"model": "wrt300n",
"scope": "eq",
"trust": 0.9,
"vendor": "linksys",
"version": "2.00.20"
},
{
"model": "wrt300n",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "2.00.20"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.6,
"vendor": "matt",
"version": "1.0"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.6,
"vendor": "matt",
"version": "1.9"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.8"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.7"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.6"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.5"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.4"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.3"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.2"
},
{
"model": "wright formmail",
"scope": "eq",
"trust": 0.3,
"vendor": "matt",
"version": "1.1"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.8"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.7"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.6"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.5"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.4"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.3"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.2"
},
{
"model": "wright formmail",
"scope": "ne",
"trust": 0.3,
"vendor": "matt",
"version": "1.1"
}
],
"sources": [
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "81418"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-121"
},
{
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:linksys:wrt300n",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery information is not currently known.",
"sources": [
{
"db": "BID",
"id": "2080"
}
],
"trust": 0.3
},
"cve": "CVE-2008-1243",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2008-1243",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-31368",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-1243",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-1243",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200803-121",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-31368",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31368"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-121"
},
{
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. \nA web server can use a remote site\u0027s FormMail script without authorization, using remote system resources or exploiting other vulnerabilities in the script. For example, this issue can be used to exploit BID 2079, \"Matt Wright FormMail Remote Command Execution Vulnerability\". FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user. \nUser supplied data (from the \"recipient\" hidden field) is passed to a Perl OPEN function without proper input verification, allowing the use of the command separation shell metacharacter (;) to execute arbitrary commands on the remote host. Consequences could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities. Wrt300n is prone to a cross-site scripting vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1243"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "81418"
},
{
"db": "VULHUB",
"id": "VHN-31368"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1243",
"trust": 2.8
},
{
"db": "XF",
"id": "300",
"trust": 0.9
},
{
"db": "XF",
"id": "41121",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200803-121",
"trust": 0.7
},
{
"db": "BID",
"id": "2079",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080301 THE ROUTER HACKING CHALLENGE IS OVER!",
"trust": 0.6
},
{
"db": "BID",
"id": "81418",
"trust": 0.4
},
{
"db": "BID",
"id": "2080",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-31368",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31368"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "81418"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-121"
},
{
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"id": "VAR-200803-0166",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31368"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-10T21:54:34.791000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linksys",
"trust": 0.8,
"url": "http://home.cisco.com/en-apac/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31368"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://code.bulix.org/cx46qa-65489"
},
{
"trust": 2.0,
"url": "http://code.bulix.org/koom78-65490"
},
{
"trust": 2.0,
"url": "http://www.gnucitizen.org/projects/router-hacking-challenge/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41121"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/41121"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1243"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1243"
},
{
"trust": 0.6,
"url": "http://www.worldwidemart.com/scripts/formmail.shtml"
},
{
"trust": 0.3,
"url": "http://xforce.iss.net/static/300.php"
},
{
"trust": 0.3,
"url": "http://www.securityfocus.com/bid/2079"
},
{
"trust": 0.3,
"url": "http://www.guard.dubna.ru/cgibug.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31368"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "81418"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-121"
},
{
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-31368"
},
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "81418"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-121"
},
{
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-03-10T00:00:00",
"db": "VULHUB",
"id": "VHN-31368"
},
{
"date": "1997-01-01T00:00:00",
"db": "BID",
"id": "2080"
},
{
"date": "1995-08-02T00:00:00",
"db": "BID",
"id": "2079"
},
{
"date": "2008-03-10T00:00:00",
"db": "BID",
"id": "81418"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"date": "2008-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200803-121"
},
{
"date": "2008-03-10T17:44:00",
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-31368"
},
{
"date": "1997-01-01T00:00:00",
"db": "BID",
"id": "2080"
},
{
"date": "1995-08-02T00:00:00",
"db": "BID",
"id": "2079"
},
{
"date": "2008-03-10T00:00:00",
"db": "BID",
"id": "81418"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-004202"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200803-121"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-1243"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "2080"
},
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "81418"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys WRT300N Router cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-004202"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "2079"
},
{
"db": "BID",
"id": "81418"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.