Leetsun

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers (affected versions not specified) **Description** A vulnerability in the web-based management interface of the affected routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear R7000 version 1.0.11.136 10.2.120 **Description** A vulnerability was found in the Web Management Interface of the Netgear R7000, affecting some unknown functionality of the file /debuginfo.htm. This issue leads to information disclosure. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For Netgear R7000 version 1.0.11.136 10.2.120, consider restricting access to the /debuginfo.htm file of the Web Management Interface until a patch is available. As a temporary workaround, avoid using the Web Management Interface if possible, to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear R7000 version 1.0.11.136 10.2.120 **Description** A vulnerability has been found in the Web Management Interface of the Netgear R7000, affecting an unknown functionality of the file /currentsetting.htm. This vulnerability leads to information disclosure. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Netgear R7000 version 1.0.11.136 10.2.120, consider restricting access to the /currentsetting.htm file in the Web Management Interface until a patch is available. As a temporary workaround, avoid using the Web Management Interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linksys WRT54GL version 4.30.18 **Description** A vulnerability was found in the Web Management Interface component, specifically affecting the file /SysInfo1.htm. This issue leads to information disclosure. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Linksys WRT54GL version 4.30.18, as a temporary workaround, consider restricting access to the /SysInfo1.htm file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linksys WRT54GL version 4.30.18 **Description** A vulnerability was found in the Web Management Interface of the Linksys WRT54GL, affecting an unknown part of the file /wlaninfo.htm. This issue leads to information disclosure. The exploit has been disclosed to the public and may be used. The vendor was contacted about this disclosure but did not respond. **Recommendations** For version 4.30.18, consider restricting access to the /wlaninfo.htm file until a patch is available. As a temporary workaround, avoid using the Web Management Interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linksys WRT54GL version 4.30.18 **Description** A vulnerability was found in the Web Management Interface of the Linksys WRT54GL, affecting some unknown functionality of the file /SysInfo.htm. This issue leads to information disclosure. The exploit has been disclosed to the public. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Linksys WRT54GL version 4.30.18, as a temporary workaround, consider restricting access to the /SysInfo.htm file of the Web Management Interface until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability was found in the Netgear SRX5308, which can be exploited to cause a denial of service. The issue is related to incorrect resource release. It is possible to launch the attack remotely. The exploit has been disclosed to the public. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability exists in the Web Management Interface component of the Netgear SRX5308, allowing for cross-site scripting attacks. The manipulation of the `wanName` argument leads to this issue. The attack can be launched remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the Web Management Interface to minimize the risk of exploitation. Avoid using the `wanName` argument in the affected interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability has been found in the Web Management Interface of the Netgear SRX5308, allowing for cross-site scripting attacks. The issue arises from insufficient input validation, enabling a remote attacker to exploit the vulnerability by sending a specially crafted HTTP request using the `BandWidthProfile.ProfileName` parameter. The manipulation of this parameter leads to cross-site scripting. The attack can be launched remotely. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the Web Management Interface or disabling the `scgi-bin/platform.cgi` file until a patch is available. Avoid using the `BandWidthProfile.ProfileName` parameter in the affected HTTP requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability has been found in the Web Management Interface of Netgear SRX5308. The issue is due to insufficient input validation, which can be exploited by a remote attacker to conduct a cross-site scripting attack. This can be achieved by manipulating the `smtpServer.toAddr` argument in a specially crafted HTTP request to the "scgi-bin/platform.cgi?page=firewall logs email.htm" endpoint. The exploit has been disclosed publicly and may be used. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, consider disabling the Web Management Interface or restricting access to the "scgi-bin/platform.cgi?page=firewall logs email.htm" endpoint until a patch is available. Additionally, avoid using the `smtpServer.toAddr` argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability was found in the Web Management Interface of Netgear SRX5308, due to insufficient input validation. This allows a remote attacker to conduct a cross-site scripting attack by sending a specially crafted HTTP request using the `dhcp.winsServer1` parameter. The attack can be launched remotely and the exploit has been disclosed to the public. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the Web Management Interface until a patch is available. Avoid using the `dhcp.winsServer1` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability exists in the Web Management Interface of the Netgear SRX5308, allowing for cross-site scripting attacks. This issue is caused by the lack of protection for the web page structure, enabling a remote attacker to exploit the vulnerability by sending a specially crafted HTTP request using the `sysLogInfo.serverName` parameter. The attack can be launched remotely and may allow an attacker to conduct a cross-site scripting attack. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, consider disabling the `scgi-bin/platform.cgi` endpoint or restricting access to it until a patch is available. Additionally, avoid using the `sysLogInfo.serverName` parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability exists in the Web Management Interface of the Netgear SRX5308 due to insufficient input validation. This issue affects the processing of the file scgi-bin/platform.cgi?page=ike policies.htm, where the manipulation of the `IpsecIKEPolicy.IKEPolicyName` argument leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** For versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the Web Management Interface or disabling the use of the `IpsecIKEPolicy.IKEPolicyName` parameter in the affected API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability exists in the Web Management Interface of the Netgear SRX5308, affecting the file scgi-bin/platform.cgi?page=firewall logs email.htm. The issue arises from the manipulation of the `smtpServer.fromAddr` argument, leading to cross-site scripting. This can be initiated remotely. **Recommendations** For versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the `scgi-bin/platform.cgi` endpoint, specifically the `page=firewall logs email.htm` section, until a patch is available. Avoid using the `smtpServer.fromAddr` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** The issue exists due to insufficient input validation in the web management interface of the Netgear SRX5308 router's embedded software. Exploitation of this issue may allow a remote attacker to conduct a cross-site scripting attack by sending a specially crafted HTTP request using the `ntp.server2` parameter. This can be achieved by manipulating the `ntp.server2` argument in the `scgi-bin/platform.cgi?page=time zone.htm` file of the Web Management Interface component. **Recommendations** For versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the `scgi-bin/platform.cgi?page=time zone.htm` endpoint until a patch is available. Avoid using the `ntp.server2` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** The issue exists due to insufficient input validation in the web management interface of the Netgear SRX5308 router's embedded software. This allows a remote attacker to conduct a cross-site scripting attack by sending a specially crafted HTTP request using the `smtpServer.emailServer` parameter. The attack can be initiated remotely and affects an unknown part of the file `scgi-bin/platform.cgi?page=firewall logs email.htm` of the Web Management Interface component. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, consider disabling the `smtpServer.emailServer` parameter in the `scgi-bin/platform.cgi?page=firewall logs email.htm` endpoint as a temporary workaround until a patch is available. Restrict access to the Web Management Interface to minimize the risk of exploitation. Avoid using the `smtpServer.emailServer` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability exists in the Web Management Interface of the Netgear SRX5308 due to insufficient input validation. The issue affects an unknown functionality of the file "scgi-bin/platform.cgi?page=dmz setup.htm". The manipulation of the `ConfigPort.LogicalIfName` argument leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the "scgi-bin/platform.cgi?page=dmz setup.htm" endpoint until a patch is available. Avoid using the `ConfigPort.LogicalIfName` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A vulnerability has been found in the Web Management Interface of Netgear SRX5308, affecting unknown code of the file scgi-bin/platform.cgi?page=time zone.htm. The manipulation of the `ntp.server1` argument leads to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Netgear SRX5308 versions up to 4.3.5-3, consider disabling the `ntp.server1` argument in the Web Management Interface as a temporary workaround until a patch is available. Restrict access to the scgi-bin/platform.cgi?page=time zone.htm file to minimize the risk of exploitation. Avoid using the `ntp.server1` parameter in the affected HTTP requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** The issue is related to insufficient protection of the web page structure when handling the `USERDBUsers.Password` argument in the web management interface of Netgear SRX5308 routers. This can be exploited by a remote attacker to conduct cross-site scripting attacks by sending specially crafted HTTP requests. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the web management interface to minimize the risk of exploitation. Avoid using the `USERDBUsers.Password` argument in the affected web interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netgear SRX5308 versions up to 4.3.5-3 **Description** A problematic vulnerability has been found in the Web Management Interface of Netgear SRX5308. The issue is related to insufficient protection of the web page structure when handling the `Login.userAgent` parameter. This allows an attacker to conduct cross-site scripting attacks by sending specially crafted HTTP requests. The attack can be initiated remotely. **Recommendations** For versions up to 4.3.5-3, as a temporary workaround, consider restricting access to the Web Management Interface until a patch is available. Avoid using the `Login.userAgent` parameter in the affected web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.