Sign-up

ID

VAR-200803-0166


CVE

CVE-2008-1243


TITLE

Linksys WRT300N Router cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-004202

DESCRIPTION

Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. A web server can use a remote site's FormMail script without authorization, using remote system resources or exploiting other vulnerabilities in the script. For example, this issue can be used to exploit BID 2079, "Matt Wright FormMail Remote Command Execution Vulnerability". FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user. User supplied data (from the "recipient" hidden field) is passed to a Perl OPEN function without proper input verification, allowing the use of the command separation shell metacharacter (;) to execute arbitrary commands on the remote host. Consequences could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities. Wrt300n is prone to a cross-site scripting vulnerability

Trust: 2.52

sources: NVD: CVE-2008-1243 // JVNDB: JVNDB-2008-004202 // BID: 2080 // BID: 2079 // BID: 81418 // VULHUB: VHN-31368

AFFECTED PRODUCTS

vendor:linksysmodel:wrt300nscope:eqversion:*

Trust: 1.0

vendor:linksysmodel:wrt300nscope:eqversion:2.00.20

Trust: 0.9

vendor:cisco linksysmodel:wrt300nscope:eqversion:2.00.20

Trust: 0.8

vendor:mattmodel:wright formmailscope:eqversion:1.0

Trust: 0.6

vendor:mattmodel:wright formmailscope:neversion:1.9

Trust: 0.6

vendor:mattmodel:wright formmailscope:eqversion:1.8

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.7

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.6

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.5

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.4

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.3

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.2

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.1

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.8

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.7

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.6

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.5

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.4

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.3

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.2

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.1

Trust: 0.3

sources: BID: 2080 // BID: 2079 // BID: 81418 // JVNDB: JVNDB-2008-004202 // CNNVD: CNNVD-200803-121 // NVD: CVE-2008-1243

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-1243
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-1243
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200803-121
value: MEDIUM

Trust: 0.6

VULHUB: VHN-31368
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-1243
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-31368
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-31368 // JVNDB: JVNDB-2008-004202 // CNNVD: CNNVD-200803-121 // NVD: CVE-2008-1243

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-31368 // JVNDB: JVNDB-2008-004202 // NVD: CVE-2008-1243

THREAT TYPE

network

Trust: 0.9

sources: BID: 2080 // BID: 2079 // BID: 81418

TYPE

Input Validation Error

Trust: 0.6

sources: BID: 2079 // BID: 81418

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-004202

PATCH
title:Linksysurl:http://home.cisco.com/en-apac/home
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-004202

EXTERNAL IDS
db:NVDid:CVE-2008-1243
Trust: 2.8
db:XFid:300
Trust: 0.9
db:XFid:41121
Trust: 0.9
db:JVNDBid:JVNDB-2008-004202
Trust: 0.8
db:CNNVDid:CNNVD-200803-121
Trust: 0.7
db:BIDid:2079
Trust: 0.6
db:BUGTRAQid:20080301 THE ROUTER HACKING CHALLENGE IS OVER!
Trust: 0.6
db:BIDid:81418
Trust: 0.4
db:BIDid:2080
Trust: 0.3
db:VULHUBid:VHN-31368
Trust: 0.1
sources:
            
            
            VULHUB: VHN-31368 // 
            
            
            
            BID: 2080 // 
            
            
            
            BID: 2079 // 
            
            
            
            BID: 81418 // 
            
            
            
            JVNDB: JVNDB-2008-004202 // 
            
            
            
            CNNVD: CNNVD-200803-121 // 
            
            
            
            NVD: CVE-2008-1243

REFERENCES
url:http://code.bulix.org/cx46qa-65489
Trust: 2.0
url:http://code.bulix.org/koom78-65490
Trust: 2.0
url:http://www.gnucitizen.org/projects/router-hacking-challenge/
Trust: 2.0
url:http://www.securityfocus.com/archive/1/489009/100/0/threaded
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/41121
Trust: 1.1
url:http://xforce.iss.net/xforce/xfdb/41121
Trust: 0.9
url:http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1243
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1243
Trust: 0.8
url:http://www.worldwidemart.com/scripts/formmail.shtml
Trust: 0.6
url:http://xforce.iss.net/static/300.php
Trust: 0.3
url:http://www.securityfocus.com/bid/2079
Trust: 0.3
url:http://www.guard.dubna.ru/cgibug.html
Trust: 0.3
sources:
            
            
            VULHUB: VHN-31368 // 
            
            
            
            BID: 2080 // 
            
            
            
            BID: 2079 // 
            
            
            
            BID: 81418 // 
            
            
            
            JVNDB: JVNDB-2008-004202 // 
            
            
            
            CNNVD: CNNVD-200803-121 // 
            
            
            
            NVD: CVE-2008-1243

CREDITS
Discovery information is not currently known.
Trust: 0.3
sources:
            
            
            BID: 2080

SOURCES
db:VULHUBid:VHN-31368
db:BIDid:2080
db:BIDid:2079
db:BIDid:81418
db:JVNDBid:JVNDB-2008-004202
db:CNNVDid:CNNVD-200803-121
db:NVDid:CVE-2008-1243

LAST UPDATE DATE
2024-08-14T12:35:58.440000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-31368date:2018-10-11T00:00:00
db:BIDid:2080date:1997-01-01T00:00:00
db:BIDid:2079date:1995-08-02T00:00:00
db:BIDid:81418date:2008-03-10T00:00:00
db:JVNDBid:JVNDB-2008-004202date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200803-121date:2008-09-05T00:00:00
db:NVDid:CVE-2008-1243date:2018-10-11T20:31:15.010

SOURCES RELEASE DATE
db:VULHUBid:VHN-31368date:2008-03-10T00:00:00
db:BIDid:2080date:1997-01-01T00:00:00
db:BIDid:2079date:1995-08-02T00:00:00
db:BIDid:81418date:2008-03-10T00:00:00
db:JVNDBid:JVNDB-2008-004202date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200803-121date:2008-03-10T00:00:00
db:NVDid:CVE-2008-1243date:2008-03-10T17:44:00