MEDIUM🇬🇧 English

CVE-2008-1257

CVSS 4.3v2.0pub. 2008-03-10upd. 2026-04-23

Cross-site scripting (XSS) vulnerability in Forms/DiagGeneral_2 on the ZyXEL P-660HW series router allows remote attackers to inject arbitrary web script or HTML via the PingIPAddr parameter.

oryginał EN
CVSS Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
  • Zyxel P 660hw

    HW
    Zyxel
    _t1
  • Zyxel P 660hw D1

    HW
    Zyxel
    v2
  • Zyxel P 660hw D3

    HW
    Zyxel
    wszystkie wersje
  • Zyxel P 660hw T3

    HW
    Zyxel
    v2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2017-17901HIGH7.5ten sam produkt

ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (CPU consumption) via a flood of ...

CVE-2013-3588HIGH7.8ten sam produkt

The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of service (reboo...

CVE-2008-1526HIGH7.5ten sam produkt

ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(PE9) and 3.40(AGD.2) throu...

CVE-2008-1256HIGH10.0ten sam produkt

The ZyXEL P-660HW series router has "admin" as its default password, which allows remote attackers to gain adm...

CVE-2008-1255HIGH10.0ten sam produkt

The ZyXEL P-660HW series router maintains authentication state by IP address, which allows remote attackers to...

CVE-2008-1257 — MEDIUM 4.3 | CVEbaza.pl