Description
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/489009/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41270
Exploit x_refsource_misc
http://www.gnucitizen.org/projects/router-hacking-challenge/
Exploit x_refsource_misc
http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43539
Scores
EPSS
0.0034
EPSS Percentile
56.8%
Details
CWE
CWE-79
Status
published
Products (1)
linksys/wag54gs
< firmware_1.01.03
Published
Mar 13, 2008
Tracked Since
Feb 18, 2026