CVE-2006-3929
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.2%
Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the a parameter.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| zyxel:prestige_660h-61 | zyxel prestige 660h-61 | eq | firmware_3.40_pt.0_b32 |
References
secunia.com/advisories/21225
securityreason.com/securityalert/1301
securitytracker.com/id?1016598
www.eazel.es/media/advisory004-Zyxel-Prestige-660H-61-Cross-Site-Scripting.html
www.osvdb.org/27548
www.securityfocus.com/archive/1/441193/100/0/threaded
www.securityfocus.com/bid/19180
www.vupen.com/english/advisories/2006/3012
exchange.xforce.ibmcloud.com/vulnerabilities/28021
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.2%