Lucene search

[email protected]CVE-2007-5385

HistoryOct 12, 2007 - 1:17 a.m.

CVE-2007-5385

2007-10-1201:17:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2007-5385

thomson

alcatel

speedtouch

router

xss

vulnerabilities

nvd

bt home hub

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

alcatelspeedtouch_7g_router

bthome_hub

CPENameOperatorVersion
alcatel:speedtouch_7g_routeralcatel speedtouch 7g routereq*
bt:home_hubbt home hubeq*

CPE	Name	Operator	Version
alcatel:speedtouch_7g_router	alcatel speedtouch 7g router	eq	*
bt:home_hub	bt home hub	eq	*

References

securityreason.com/securityalert/3213

www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub

www.securityfocus.com/archive/1/481835/100/0/threaded

www.securityfocus.com/bid/25972

www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

Related for CVE-2007-5385

cvelist1 prion1 nvd1