Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2007-5411

Published: 12/10/2007 Updated: 29/07/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Linksys

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the From header in a SIP message.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linksys spa941

Exploits

Exploit DB: Linksys SPA941 - 'SIP From' HTML Injection
source: wwwsecurityfocuscom/bid/25987/info Linksys SPA941 devices are prone to an HTML-injection vulnerability because the built-in webserver fails to properly sanitize user-supplied input before using it in dynamically generated content Attacker-supplied HTML and script code would execute in the context of the affected website, potenti ...

References

CWE-79http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066430.htmlhttp://www.securityfocus.com/bid/25987http://secunia.com/advisories/27116https://exchange.xforce.ibmcloud.com/vulnerabilities/37022https://nvd.nist.govhttps://www.exploit-db.com/exploits/30650/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook