Lucene search

MitreCVE-2007-3784

HistoryJul 15, 2007 - 11:30 p.m.

CVE-2007-3784

2007-07-1523:30:00

mitre

web.nvd.nist.gov

cve-2007-3784

cross-site scripting

xss vulnerability

belkin g plus router

f5d7231-4

firmware 4.05.03

remote attackers

dhcp client

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

79.1%

JSON

Cross-site scripting (XSS) vulnerability in the Belkin G Plus Router F5D7231-4 with firmware 4.05.03 allows remote attackers to inject arbitrary web script or HTML via a hostname of a DHCP client.

Affected configurations

Nvd

Node

belkinf5d7231-4Matchfirmware_4.05.03

VendorProductVersionCPE
belkinf5d7231-4firmware_4.05.03cpe:2.3:h:belkin:f5d7231-4:firmware_4.05.03:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
belkin	f5d7231-4	firmware_4.05.03	cpe:2.3:h:belkin:f5d7231-4:firmware_4.05.03:::::::*

References

archives.neohapsis.com/archives/fulldisclosure/2007-07/0179.html

archives.neohapsis.com/archives/fulldisclosure/2007-07/att-0179/Belkin_Router_fw_40503_xss_06_64.txt

osvdb.org/36361

secunia.com/advisories/26059

www.portcullis-security.com/uplds/advisories/Belkin_Router_fw_40503_xss%2006_64.txt

www.securityfocus.com/bid/24881

www.vupen.com/english/advisories/2007/2527

exchange.xforce.ibmcloud.com/vulnerabilities/35380

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

79.1%

JSON

Related for CVE-2007-3784