ID

VAR-200803-0166


CVE

CVE-2008-1243


TITLE

Linksys WRT300N Router cross-site scripting vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-004202

DESCRIPTION

Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. A web server can use a remote site's FormMail script without authorization, using remote system resources or exploiting other vulnerabilities in the script. For example, this issue can be used to exploit BID 2079, "Matt Wright FormMail Remote Command Execution Vulnerability". FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user. User supplied data (from the "recipient" hidden field) is passed to a Perl OPEN function without proper input verification, allowing the use of the command separation shell metacharacter (;) to execute arbitrary commands on the remote host. Consequences could range from destruction of data and web site defacement to elevation of privileges through locally exploitable vulnerabilities. Wrt300n is prone to a cross-site scripting vulnerability

Trust: 2.52

sources: NVD: CVE-2008-1243 // JVNDB: JVNDB-2008-004202 // BID: 2080 // BID: 2079 // BID: 81418 // VULHUB: VHN-31368

AFFECTED PRODUCTS

vendor:linksysmodel:wrt300nscope:eqversion:*

Trust: 1.0

vendor:linksysmodel:wrt300nscope:eqversion:2.00.20

Trust: 0.9

vendor:cisco linksysmodel:wrt300nscope:eqversion:2.00.20

Trust: 0.8

vendor:mattmodel:wright formmailscope:eqversion:1.0

Trust: 0.6

vendor:mattmodel:wright formmailscope:neversion:1.9

Trust: 0.6

vendor:mattmodel:wright formmailscope:eqversion:1.8

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.7

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.6

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.5

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.4

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.3

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.2

Trust: 0.3

vendor:mattmodel:wright formmailscope:eqversion:1.1

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.8

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.7

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.6

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.5

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.4

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.3

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.2

Trust: 0.3

vendor:mattmodel:wright formmailscope:neversion:1.1

Trust: 0.3

sources: BID: 2080 // BID: 2079 // BID: 81418 // JVNDB: JVNDB-2008-004202 // CNNVD: CNNVD-200803-121 // NVD: CVE-2008-1243

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-1243
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-1243
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200803-121
value: MEDIUM

Trust: 0.6

VULHUB: VHN-31368
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-1243
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-31368
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-31368 // JVNDB: JVNDB-2008-004202 // CNNVD: CNNVD-200803-121 // NVD: CVE-2008-1243

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-31368 // JVNDB: JVNDB-2008-004202 // NVD: CVE-2008-1243

THREAT TYPE

network

Trust: 0.9

sources: BID: 2080 // BID: 2079 // BID: 81418

TYPE

Input Validation Error

Trust: 0.6

sources: BID: 2079 // BID: 81418

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-004202

PATCH

title:Linksysurl:http://home.cisco.com/en-apac/home

Trust: 0.8

sources: JVNDB: JVNDB-2008-004202

EXTERNAL IDS

db:NVDid:CVE-2008-1243

Trust: 2.8

db:XFid:300

Trust: 0.9

db:XFid:41121

Trust: 0.9

db:JVNDBid:JVNDB-2008-004202

Trust: 0.8

db:CNNVDid:CNNVD-200803-121

Trust: 0.7

db:BIDid:2079

Trust: 0.6

db:BUGTRAQid:20080301 THE ROUTER HACKING CHALLENGE IS OVER!

Trust: 0.6

db:BIDid:81418

Trust: 0.4

db:BIDid:2080

Trust: 0.3

db:VULHUBid:VHN-31368

Trust: 0.1

sources: VULHUB: VHN-31368 // BID: 2080 // BID: 2079 // BID: 81418 // JVNDB: JVNDB-2008-004202 // CNNVD: CNNVD-200803-121 // NVD: CVE-2008-1243

REFERENCES

url:http://code.bulix.org/cx46qa-65489

Trust: 2.0

url:http://code.bulix.org/koom78-65490

Trust: 2.0

url:http://www.gnucitizen.org/projects/router-hacking-challenge/

Trust: 2.0

url:http://www.securityfocus.com/archive/1/489009/100/0/threaded

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/41121

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/41121

Trust: 0.9

url:http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1243

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1243

Trust: 0.8

url:http://www.worldwidemart.com/scripts/formmail.shtml

Trust: 0.6

url:http://xforce.iss.net/static/300.php

Trust: 0.3

url:http://www.securityfocus.com/bid/2079

Trust: 0.3

url:http://www.guard.dubna.ru/cgibug.html

Trust: 0.3

sources: VULHUB: VHN-31368 // BID: 2080 // BID: 2079 // BID: 81418 // JVNDB: JVNDB-2008-004202 // CNNVD: CNNVD-200803-121 // NVD: CVE-2008-1243

CREDITS

Discovery information is not currently known.

Trust: 0.3

sources: BID: 2080

SOURCES

db:VULHUBid:VHN-31368
db:BIDid:2080
db:BIDid:2079
db:BIDid:81418
db:JVNDBid:JVNDB-2008-004202
db:CNNVDid:CNNVD-200803-121
db:NVDid:CVE-2008-1243

LAST UPDATE DATE

2024-08-14T12:35:58.440000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-31368date:2018-10-11T00:00:00
db:BIDid:2080date:1997-01-01T00:00:00
db:BIDid:2079date:1995-08-02T00:00:00
db:BIDid:81418date:2008-03-10T00:00:00
db:JVNDBid:JVNDB-2008-004202date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200803-121date:2008-09-05T00:00:00
db:NVDid:CVE-2008-1243date:2018-10-11T20:31:15.010

SOURCES RELEASE DATE

db:VULHUBid:VHN-31368date:2008-03-10T00:00:00
db:BIDid:2080date:1997-01-01T00:00:00
db:BIDid:2079date:1995-08-02T00:00:00
db:BIDid:81418date:2008-03-10T00:00:00
db:JVNDBid:JVNDB-2008-004202date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200803-121date:2008-03-10T00:00:00
db:NVDid:CVE-2008-1243date:2008-03-10T17:44:00