Home page logo
/

bugtraq logo Bugtraq mailing list archives

Zyxel Prestige 660H-61 Cross-Site Scripting
From: jose.palanco () eazel es
Date: 26 Jul 2006 16:31:13 -0000

Zyxel Prestige 660H-61  Cross-Site Scripting

Tested on Zyxel Prestige 660H-61
ZyNOS F/W Version: V3.40(PT.0)b32 | 1/28/2005
Standard:NORMAL

Discovered by:  José Ramón Palanco: jose.palanco(at)eazel(dot).es
http://www.eazel.es

Description:     

Zyxel Prestige 660H-61 ADSL Router is vulnerable to a security vulnerability that allow Cross-Site Scripting attacks.
Due to improper filtering, a remote attacker can cause a cross site scripting in this script:

http://router/Forms/rpSysAdmin?a=%3Cscript%3Ealert('www.eazel.es')%3C/script%3E

Original advisory:

http://www.eazel.es/media/advisory004-Zyxel-Prestige-660H-61-Cross-Site-Scripting.html


  By Date           By Thread  

Current thread:
  • Zyxel Prestige 660H-61 Cross-Site Scripting jose . palanco (Jul 26)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault