PT-2010-4064 · Linksys · Linksys Wap54Gv3

Published

2010-06-28

Updated

2018-10-10

CVE-2010-2506

CVSS v2.0

2.9

Low

Vector

AV:A/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Linksys WAP54Gv3 firmware versions 3.04.03 through 3.05.03

Description A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML via the data1 parameter in the debug.cgi endpoint.

Recommendations For Linksys WAP54Gv3 firmware versions 3.04.03 and 3.05.03, avoid using the data1 parameter in the debug.cgi endpoint until a fix is available.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2010-2506

Affected Products

Linksys Wap54Gv3

PT-2010-4064 · Linksys · Linksys Wap54Gv3

CVE-2010-2506

Weakness Enumeration

Related Identifiers

Affected Products

References · 3