Sign-up

ID

VAR-201002-0765


CVE

CVE-2010-0607


TITLE

Sterlite SAM300 AX Router of Forms/status_statistics_1 Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2010-005267

DESCRIPTION

Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Router allows remote attackers to inject arbitrary web script or HTML via the Stat_Radio parameter. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. Input passed via e.g. the "Stat_Radio" parameter to Forms/status_statistics_1 is not properly sanitised before being returned to the user. Note: This can be used to change certain router settings (e.g. the DNS server), which can be leveraged to conduct further attacks. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the administration interface. PROVIDED AND/OR DISCOVERED BY: Karn Ganeshen CHANGELOG: 2010-02-11: Added note to "Description" section. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0075.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2010-0607 // JVNDB: JVNDB-2010-005267 // BID: 39928 // VULHUB: VHN-43212 // PACKETSTORM: 86188

AFFECTED PRODUCTS

vendor:sterlitetechnologiesmodel:sam300 ax routerscope: - version: -

Trust: 1.4

vendor:sterlitetechnologiesmodel:sam300 ax routerscope:eqversion:*

Trust: 1.0

vendor:sterlitetechnologiesmodel:sam300 ax routerscope:eqversion:0

Trust: 0.3

sources: BID: 39928 // JVNDB: JVNDB-2010-005267 // CNNVD: CNNVD-201002-115 // NVD: CVE-2010-0607

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-0607
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-0607
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201002-115
value: MEDIUM

Trust: 0.6

VULHUB: VHN-43212
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-0607
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-43212
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-43212 // JVNDB: JVNDB-2010-005267 // CNNVD: CNNVD-201002-115 // NVD: CVE-2010-0607

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-43212 // JVNDB: JVNDB-2010-005267 // NVD: CVE-2010-0607

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201002-115

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 86188 // CNNVD: CNNVD-201002-115

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-005267

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-43212

PATCH
title:SAM300 AX Routerurl:http://www.sterlitetechnologies.com/ProductWithContents.aspx?PID=62&PName=SAM300%20Multi%20Port%20ADSL%202+%20Modem
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-005267

EXTERNAL IDS
db:NVDid:CVE-2010-0607
Trust: 2.8
db:SECUNIAid:38463
Trust: 1.8
db:OSVDBid:62211
Trust: 1.7
db:JVNDBid:JVNDB-2010-005267
Trust: 0.8
db:CNNVDid:CNNVD-201002-115
Trust: 0.7
db:FULLDISCid:20100204 STERLITE SAM300AX ADSL ROUTER - CROSS SITE
Trust: 0.6
db:BIDid:39928
Trust: 0.4
db:EXPLOIT-DBid:33938
Trust: 0.1
db:VULHUBid:VHN-43212
Trust: 0.1
db:PACKETSTORMid:86188
Trust: 0.1
sources:
            
            
            VULHUB: VHN-43212 // 
            
            
            
            BID: 39928 // 
            
            
            
            JVNDB: JVNDB-2010-005267 // 
            
            
            
            PACKETSTORM: 86188 // 
            
            
            
            CNNVD: CNNVD-201002-115 // 
            
            
            
            NVD: CVE-2010-0607

REFERENCES
url:http://packetstormsecurity.org/1002-exploits/sterlite-xss.txt
Trust: 1.7
url:http://osvdb.org/62211
Trust: 1.7
url:http://secunia.com/advisories/38463
Trust: 1.7
url:http://marc.info/?l=full-disclosure&m=126531284626756&w=2
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0607
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0607
Trust: 0.8
url:http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0075.html
Trust: 0.4
url:http://www.sterlitetechnologies.com/productwithcontents.aspx?pid=62&pname=sam300%20multi%20port%20adsl%202+%20modem
Trust: 0.3
url:http://marc.info/?l=full-disclosure&m=126531284626756&w=2
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/blog/71/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/38463/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-43212 // 
            
            
            
            BID: 39928 // 
            
            
            
            JVNDB: JVNDB-2010-005267 // 
            
            
            
            PACKETSTORM: 86188 // 
            
            
            
            CNNVD: CNNVD-201002-115 // 
            
            
            
            NVD: CVE-2010-0607

CREDITS
Karn Ganeshen
Trust: 0.3
sources:
            
            
            BID: 39928

SOURCES
db:VULHUBid:VHN-43212
db:BIDid:39928
db:JVNDBid:JVNDB-2010-005267
db:PACKETSTORMid:86188
db:CNNVDid:CNNVD-201002-115
db:NVDid:CVE-2010-0607

LAST UPDATE DATE
2025-04-11T23:09:03.721000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-43212date:2010-11-04T00:00:00
db:BIDid:39928date:2010-02-04T00:00:00
db:JVNDBid:JVNDB-2010-005267date:2012-12-20T00:00:00
db:CNNVDid:CNNVD-201002-115date:2010-02-12T00:00:00
db:NVDid:CVE-2010-0607date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-43212date:2010-02-11T00:00:00
db:BIDid:39928date:2010-02-04T00:00:00
db:JVNDBid:JVNDB-2010-005267date:2012-12-20T00:00:00
db:PACKETSTORMid:86188date:2010-02-11T10:10:27
db:CNNVDid:CNNVD-201002-115date:2010-02-11T00:00:00
db:NVDid:CVE-2010-0607date:2010-02-11T17:30:00.957