[DCA-00017] LinkSys BEFSR41 Multiple Stored Xss
[Software/Hardware] - LinkSys DSL Router BEFSR41 V2
[Vendor Product Description] - This Router will allow your computers to share a high-speed Internet connection as well as resources, including files and printers.
[Bug Description] - Linksys does not validate the input size leading to stored Xss bug. - Host name,User Name(PPPoE and PPTP),Customized Applications and other fields are vulnerable.
[History] - Advisory sent to vendor on 01/03/2011. - Vendor reply 01/03/2011 - Published 01/04/2011
[Impact] - Low
[Affected Version] - LinkSys DSL Router BEFSR41 V2 - Firmware: 1.30 1.33.1 1.34 1.35 1.36 1.36T4(beta) 1.37 1.37.1(j) 1.38.5 1.39 1.40.1 1.40.2 1.42.3 1.42.6 1.42.7 1.43 1.43.3 1.44 1.44.2 1.46.2
[Vendor Reply] - According to the vendor, this hardware is deprecated
[Codes] Example in Customized Applications fields: '><h1>B</h1>
[Credits] DcLabs Security Group Sponsor: Crash email@example.com
-- Ewerson Guimaraes (Crash) Pentester/Researcher DcLabs Security Team www.dclabs.com.br