Cross-Site Scripting Vulnerability in Comtrend ADSL Router
CVE-2010-0470

Currently unrated

Key Information:

Vendor: Comtrend
Status: Ct-507it Adsl Router
Vendor: CVE Published:; 2 February 2010

What is CVE-2010-0470?

The vulnerability in the Comtrend CT-507IT ADSL Router allows remote attackers to exploit the device by injecting arbitrary web scripts or HTML through the 'srvName' parameter in the scvrtsrv.cmd file. This XSS vulnerability can lead to unauthorized actions or information disclosure, compromising user security and privacy.

References

http://secunia.com/advisories/38309

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/38004

vdb-entryx_refsource_BID

http://packetstormsecurity.org/1001-exploits/comtrend-xss...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Feb 2, 2010