Lucene search

[email protected]CVE-2010-2506

HistoryJun 28, 2010 - 6:30 p.m.

CVE-2010-2506

2010-06-2818:30:01

CWE-79

[email protected]

web.nvd.nist.gov

cve-2010-2506

cross-site scripting

xss

linksys

wap54gv3

firmware

vulnerability

nvd

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

JSON

Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter.

Affected configurations

NVD

Node

ciscolinksys_firmwareMatch3.04.03

ciscolinksys_firmwareMatch3.05.03

AND

ciscolinksys_wap54g

CPENameOperatorVersion
cisco:linksys_firmwarecisco linksys firmwareeq3.04.03
cisco:linksys_firmwarecisco linksys firmwareeq3.05.03
cisco:linksys_wap54gcisco linksys wap54geq*

CPE	Name	Operator	Version
cisco:linksys_firmware	cisco linksys firmware	eq	3.04.03
cisco:linksys_firmware	cisco linksys firmware	eq	3.05.03
cisco:linksys_wap54g	cisco linksys wap54g	eq	*

References

www.securityfocus.com/archive/1/511952/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/59699

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

JSON

Related for CVE-2010-2506

prion1 cvelist1 nvd1