Vulnerability Details CVE-2008-1252
b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote attackers to obtain the logon password by reading the pwd field in the HTML source.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.0%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/29414
- http://www.gnucitizen.org/projects/router-hacking-challenge/
- http://www.securityfocus.com/archive/1/489009/100/0/threaded
- http://www.securityfocus.com/bid/28382
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41128
- http://secunia.com/advisories/29414
- http://www.gnucitizen.org/projects/router-hacking-challenge/
- http://www.securityfocus.com/archive/1/489009/100/0/threaded
- http://www.securityfocus.com/bid/28382
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41128
Products affected by CVE-2008-1252
-
cpe:2.3:h:deutsche_telekom:speedport_w500_dsl_router:*