CVE-2009-1557
Cisco Wvc54gca - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the next_file parameter to (1) main.cgi, (2) img/main.cgi, or (3) adm/file.cgi; or (4) the this_file parameter to adm/file.cgi.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by pagvac · javascriptremotehardware
https://www.exploit-db.com/exploits/32955
References (5)
Scores
EPSS
0.1385
EPSS Percentile
94.2%
Classification
CWE
CWE-79
Status
published
Affected Products (3)
cisco/wvc54gca
cisco/wvc54gca
n/a/n/a
Timeline
Published
May 06, 2009
Tracked Since
Feb 18, 2026