CVE-2007-4488

EPSS 0.29%
Veröffentlicht 22.08.2007 23:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in the Siemens Gigaset SE361 WLAN router with firmware 1.00.0 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI immediately following the filename for (1) a GIF filename, which triggers display of the GIF file in text format and an unspecified denial of service (crash); or (2) the login.tri filename, which triggers a continuous loop of the browser attempting to visit the login page.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Siemens ≫ Gigaset Se361 Wlan Router Version0 Updatefirmware_1.00

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.29%	0.49

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

http://osvdb.org/45841

http://osvdb.org/45842

http://securityreason.com/securityalert/3050

http://www.securityfocus.com/archive/1/477220/100/0/threaded

https://nvd.nist.gov/vuln/detail/CVE-2007-4488

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-4488

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-4488

EUVD