Cross-Site Scripting Flaw in Motorola Wimax Modem CPEi300
CVE-2009-0393

Currently unrated

Key Information:

Vendor: Motorola
Status: Cpei300
Vendor: CVE Published:; 3 February 2009

Summary

The Motorola Wimax Modem CPEi300 is affected by a cross-site scripting (XSS) vulnerability in the sysconf.cgi file, which allows remote authenticated users to inject arbitrary web scripts or HTML via the 'page' parameter. This vulnerability can potentially compromise user data and facilitate further attacks, underscoring the need for secure coding practices in web-facing applications.

References

http://www.securityfocus.com/bid/33519

vdb-entryx_refsource_BID

https://www.exploit-db.com/exploits/7915

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/archive/1/500545/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Feb 3, 2009
Vulnerability Reserved
Feb 2, 2009