Cross-Site Scripting Vulnerability in Linksys WRT160N
CVE-2008-6280

Currently unrated

Key Information:

Vendor: Cisco
Status: Wrt160n
Vendor: CVE Published:; 25 February 2009

Summary

The Linksys WRT160N router is susceptible to a cross-site scripting (XSS) vulnerability in the apply.cgi component. This flaw permits remote attackers to exploit the action parameter within the DHCP_Static operation. By doing so, they can inject arbitrary web scripts or HTML into the router's web interface, potentially leading to unauthorized actions and security breaches for users accessing the affected device. It is crucial for administrators to take preventative measures against this type of vulnerability to protect their network environment.

References

http://packetstormsecurity.org/0811-exploits/linksys-xss.txt

x_refsource_MISC

http://www.securityfocus.com/bid/32496

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/46980

vdb-entryx_refsource_XF

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 25, 2009
Vulnerability Reserved
Feb 25, 2009