Cisco Linksys E4200 - '/apply.cgi' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/59558/info The Cisco Linksys E1200 N300 router is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Cisco Linksys E4200 - apply.cgi Multiple Cross-Site Scripting Vulnerabilities

Cisco Linksys E4200 - apply.cgi Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/59558/info The Cisco Linksys E1200 N300 router is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may...

Cisco Linksys EA2700 Router - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/59054/info Cisco Linksys EA2700 routers is prone to the following security vulnerabilities: 1. A security-bypass vulnerability 2. A cross-site request-forgery vulnerability 3. A cross-site scripting vulnerability An attacker can exploit these issues to...

Linksys WRT54GL apply.cgi Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Linksys WRT54GL apply.cgi Command...

Linksys WRT54GL apply.cgi Command Execution

Exploit for hardware platform in category remote exploits require 'msf/core' class Metasploit3 'Linksys WRT54GL apply.cgi Command Execution', 'Description' = %q Some Linksys Routers are vulnerable to an authenticated OS command injection in the Web Interface. Default credentials are admin/admin o...

Linksys E1500/E2500 - 'apply.cgi' Remote Command Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Linksys E1500/E2500 apply.cgi Remote...

Linksys apply.cgi Buffer Overflow

require 'msf/core' class Metasploit3 'Linksys apply.cgi buffer overflow', 'Description' = %q This module exploits a stack overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who discovered this vulnerability, all WRT54G versions prior to 4.20.7 and all WRT54GS...

Cross site scripting

Cross-site scripting XSS vulnerability in apply.cgi on the Linksys WRT160N allows remote attackers to inject arbitrary web script or HTML via the action parameter in a DHCPStatic operation...

CVE-2008-6280

The vulnerability affects the Linksys WRT160N router, exposed through the apply.cgi utility. The root cause is an XSS flaw in the DHCP_Static path caused by unsanitized input via the action parameter, allowing remote attackers to inject arbitrary web script or HTML. According to the sources, the ...

Linksys WRT160N apply.cgi文件跨站脚本漏洞

BUGTRAQ ID: 32496 WRT160N是Linksy最新推出的一款802.11n无线路由器。 Linksys WRT160N的apply.cgi文件没有正确地过滤对action参数所传送的输入便返回给了管理员，远程攻击者可以通过提交恶意请求导致在管理员的浏览器会话中执行任意HTML和脚本代码。 0 Linksys WRT160N Linksys ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： a href=http://www.linksys.com...

Linksys WRT54 Access Point apply.cgi Buffer Overflow

This module exploits a stack buffer overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who discovered this vulnerability, all WRT54G versions prior to 4.20.7 and all WRT54GS version prior to 1.05.2 may be affected. This module requires Metasploit:...

CVE-2008-0228

Cross-site request forgery CSRF vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators...

CVE-2005-3661

Dell TrueMobile 2300 Wireless Broadband Router running firmware 3.0.0.8 and 5.1.1.6, and possibly other versions, allows remote attackers to reset authentication credentials, then change configuration or firmware, via a direct request to apply.cgi with the Page parameter set to advpassword.asp...

CVE-2005-2799

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request...

CVE-2005-2799

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request...

Linksys WRT54G < 4.20.7 WRT54GS < 1.05.2 apply.cgi Buffer Overflow

No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'Linksys apply.cgi buffer overflow', 'Description' = %q This module exploits a stack overflow in apply.cgi on th...

Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Remote Buffer Overflow (Metasploit)

require 'msf/core' class Metasploit3 'Linksys apply.cgi buffer overflow', 'Description' = %q This module exploits a stack overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who discovered this vulnerability, all WRT54G versions prior to 4.20.7 and all WRT54GS...

Linksys WRT54G 4.20.7 WRT54GS 1.05.2 - apply.cgi Remote Buffer Overflow (Metasploit)

Linksys WRT54G 4.20.7 WRT54GS 1.05.2 - apply.cgi Remote Buffer Overflow Metasploit require 'msf/core' class Metasploit3 'Linksys apply.cgi buffer overflow', 'Description' = %q This module exploits a stack overflow in apply.cgi on the Linksys WRT54G and WRT54GS routers. According to iDefense who...