Cross-Site Scripting Vulnerability in Linksys VoIP Phone
CVE-2007-5411

Currently unrated

Key Information:

Vendor

Linksys
Status
Spa941
Vendor
CVE Published:
12 October 2007

What is CVE-2007-5411?

The Linksys SPA941 VoIP Phone with firmware version 5.1.8 is vulnerable to a Cross-Site Scripting (XSS) attack. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML, specifically through the From header in a SIP message. If successfully executed, this could enable unauthorized actions to be taken on behalf of legitimate users, potentially leading to further exploitation within the affected network.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/27116
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/25987
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/37022
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.