Cross-Site Scripting Vulnerability in APC Switched Rack PDU AP7932
CVE-2009-4406

Currently unrated

Key Information:

Vendor

Apc

Status
Ap7932 B2 Firmware
Ap7932 B2
Vendor
CVE Published:
23 December 2009

What is CVE-2009-4406?

An XSS vulnerability exists in the Forms/login1 component of the APC Switched Rack PDU AP7932, specifically affecting versions running rpdu 3.3.3 or 3.7.0 on AOS 3.3.4. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML via the login_username parameter, potentially compromising the security of users accessing the affected devices. If successfully exploited, attackers may execute malicious scripts in the context of the user’s session, leading to unauthorized access and further attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.packetstormsecurity.org/0912-exploits/apc-xss.txt
x_refsource_MISC
http://www.securityfocus.com/archive/1/508468/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/37338
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.