CVE-2007-5411

Опубликовано: 12 окт. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066430.html
http://secunia.com/advisories/27116
http://www.securityfocus.com/bid/25987
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/37022
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066430.html
http://secunia.com/advisories/27116
http://www.securityfocus.com/bid/25987
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/37022

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:linksys:spa941:*:5.1.8_firmware:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02499

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-g3rm-6wv6-vhw7

github

почти 4 года назад