Details of VAR-201006-0465

ID

VAR-201006-0465

CVE

CVE-2010-2506

TITLE

Linksys WAP54Gv3 of debug.cgi Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2010-004170

DESCRIPTION

Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter. Linksys WAP54Gv3 is a wireless router device

Trust: 1.98

sources: NVD: CVE-2010-2506 // JVNDB: JVNDB-2010-004170 // BID: 73603 // VULHUB: VHN-45111

AFFECTED PRODUCTS

vendor:	cisco	model:	linksys	scope:	eq	version:	3.05.03	Trust: 1.9
vendor:	cisco	model:	linksys	scope:	eq	version:	3.04.03	Trust: 1.9
vendor:	cisco	model:	linksys wap54g	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	linksys	scope:	eq	version:	3.04.03 and 3.05.03	Trust: 0.8
vendor:	cisco	model:	linksys wap54g	scope:	eq	version:	v3	Trust: 0.8
vendor:	cisco	model:	linksys wap54g	scope:	eq	version:	0	Trust: 0.3

sources: BID: 73603 // JVNDB: JVNDB-2010-004170 // CNNVD: CNNVD-201006-445 // NVD: CVE-2010-2506

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-2506
value:	LOW
Trust: 1.0
NVD:	CVE-2010-2506
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-201006-445
value:	LOW
Trust: 0.6
VULHUB:	VHN-45111
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2010-2506
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-45111
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-45111 // JVNDB: JVNDB-2010-004170 // CNNVD: CNNVD-201006-445 // NVD: CVE-2010-2506

PROBLEMTYPE DATA

problemtype:

CWE-79

Trust: 1.9

sources: VULHUB: VHN-45111 // JVNDB: JVNDB-2010-004170 // NVD: CVE-2010-2506

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201006-445

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201006-445

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-004170

PATCH

title:

Top Page

url:

http://www.cisco.com/

Trust: 0.8

sources: JVNDB: JVNDB-2010-004170

EXTERNAL IDS

db:	NVD	id:	CVE-2010-2506	Trust: 2.8
db:	XF	id:	59699	Trust: 0.9
db:	JVNDB	id:	JVNDB-2010-004170	Trust: 0.8
db:	CNNVD	id:	CNNVD-201006-445	Trust: 0.7
db:	XF	id:	54	Trust: 0.6
db:	BUGTRAQ	id:	20100623 IS-2010-003 - LINKSYS WAP54GV3 DEBUG.CGI CROSS-SITE SCRIPTING	Trust: 0.6
db:	BID	id:	73603	Trust: 0.4
db:	VULHUB	id:	VHN-45111	Trust: 0.1

sources: VULHUB: VHN-45111 // BID: 73603 // JVNDB: JVNDB-2010-004170 // CNNVD: CNNVD-201006-445 // NVD: CVE-2010-2506

REFERENCES

url:	http://www.securityfocus.com/archive/1/511952/100/0/threaded	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/59699	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/59699	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/511952/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2506	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2506	Trust: 0.8

sources: VULHUB: VHN-45111 // BID: 73603 // JVNDB: JVNDB-2010-004170 // CNNVD: CNNVD-201006-445 // NVD: CVE-2010-2506

CREDITS

Unknown

Trust: 0.3

sources: BID: 73603

SOURCES

db:	VULHUB	id:	VHN-45111
db:	BID	id:	73603
db:	JVNDB	id:	JVNDB-2010-004170
db:	CNNVD	id:	CNNVD-201006-445
db:	NVD	id:	CVE-2010-2506

LAST UPDATE DATE

2025-04-11T19:59:36.874000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-45111	date:	2018-10-10T00:00:00
db:	BID	id:	73603	date:	2010-06-28T00:00:00
db:	JVNDB	id:	JVNDB-2010-004170	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-201006-445	date:	2010-06-30T00:00:00
db:	NVD	id:	CVE-2010-2506	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-45111	date:	2010-06-28T00:00:00
db:	BID	id:	73603	date:	2010-06-28T00:00:00
db:	JVNDB	id:	JVNDB-2010-004170	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-201006-445	date:	2010-06-30T00:00:00
db:	NVD	id:	CVE-2010-2506	date:	2010-06-28T18:30:01.060