CVE-2008-1257
ZyXEL P-660HW Series - Cross-Site Scripting via PingIPAddr Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ZyXEL P-660HW series router allows remote attackers to inject arbitrary web script or HTML via the PingIPAddr parameter.
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://www.gnucitizen.org/projects/router-hacking-challenge/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41109
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/489009/100/0/threaded
Scores
EPSS
0.0028
EPSS Percentile
51.3%
Details
CWE
CWE-79
Status
published
Products (6)
zyxel/p-660hw
_t1 (2 CPE variants)
zyxel/p-660hw_d1
zyxel/p-660hw_d1
v2
zyxel/p-660hw_d3
zyxel/p-660hw_t3
zyxel/p-660hw_t3
v2
Published
Mar 10, 2008
Tracked Since
Feb 18, 2026