ID
VAR-190001-0820
TITLE
Alice Modem 'rulename' parameter cross-site scripting vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2011-2711
DESCRIPTION
Alice Modem is a modem. A cross-site scripting vulnerability exists in Alice Modem. The vulnerability is caused by the device not being able to properly handle the user-provided input. The remote attacker can execute arbitrary script code in the context of the user's browser of the affected site with the rulename parameter and steal the cookie-based authentication certificate
Trust: 0.81
sources:
CNVD: CNVD-2011-2711 //
BID: 48642
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2011-2711
AFFECTED PRODUCTS
| vendor: | alice | model: | modem | scope: | eq | version: | 1111 | Trust: 0.9 |
sources:
CNVD: CNVD-2011-2711 //
BID: 48642
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201107-142
TYPE
XSS
Trust: 0.6
sources:
CNNVD: CNNVD-201107-142
EXTERNAL IDS
| db: | BID | id: | 48642 | Trust: 1.5 |
| db: | CNVD | id: | CNVD-2011-2711 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201107-142 | Trust: 0.6 |
sources:
CNVD: CNVD-2011-2711 //
BID: 48642 //
CNNVD: CNNVD-201107-142
REFERENCES
| url: | http://www.securityfocus.com/bid/48642/infohttp | Trust: 0.6 |
| url: | http://www.securityfocus.com/bid/48642 | Trust: 0.6 |
| url: | https://www.alice-dsl.de | Trust: 0.3 |
sources:
CNVD: CNVD-2011-2711 //
BID: 48642 //
CNNVD: CNNVD-201107-142
CREDITS
Moritz Naumann
Trust: 0.9
sources:
BID: 48642 //
CNNVD: CNNVD-201107-142
SOURCES
| db: | CNVD | id: | CNVD-2011-2711 |
| db: | BID | id: | 48642 |
| db: | CNNVD | id: | CNNVD-201107-142 |
LAST UPDATE DATE
2022-05-17T02:02:15.444000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-2711 | date: | 2011-07-15T00:00:00 |
| db: | BID | id: | 48642 | date: | 2015-03-19T08:25:00 |
| db: | CNNVD | id: | CNNVD-201107-142 | date: | 2011-07-14T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2011-2711 | date: | 2011-07-15T00:00:00 |
| db: | BID | id: | 48642 | date: | 2011-07-12T00:00:00 |
| db: | CNNVD | id: | CNNVD-201107-142 | date: | 1900-01-01T00:00:00 |