Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1557

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-1557
Last Modified 23 May 2009 01:31:46
Published 06 May 2009 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1557

Summary

Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the next_file parameter to (1) main.cgi, (2) img/main.cgi, or (3) adm/file.cgi; or (4) the this_file parameter to adm/file.cgi.

Vulnerable Systems


References

XF - wvc54gca-nextfile-xss(50224)

VUPEN - ADV-2009-1173

BID - 34714

MISC - http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-4/

SECUNIA - 34767


Last Updated: 27 May 2016 10:50:36