PT-2005-1397 · Alt N · Alt-N Webadmin

David Alonso Pérez

Published

2005-01-28

Updated

2017-07-11

CVE-2005-0319

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Alt-N WebAdmin version 3.0.4

Description A direct remote injection issue in the modalfram.wdm component allows remote attackers to load external web pages that appear to originate from the WebAdmin server. This enables the injection of arbitrary HTML or web script, facilitating cross-site scripting (XSS) and phishing attacks.

Recommendations For Alt-N WebAdmin version 3.0.4, consider disabling the modalfram.wdm component as a temporary workaround until a patch is available. Restrict access to the WebAdmin server to minimize the risk of exploitation. Avoid using the WebAdmin server for sensitive operations until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0319

Affected Products

Alt-N Webadmin

PT-2005-1397 · Alt N · Alt-N Webadmin

CVE-2005-0319

Related Identifiers

Affected Products

References · 4