Vulnerabilities > CVE-2013-2682 - Improper Restriction of Rendered UI Layers or Frames vulnerability in Cisco Linksys E4200 Firmware 1.0.05
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Cisco Linksys E4200 Firmware - Multiple Vulnerabilities. CVE-2013-2678,CVE-2013-2679,CVE-2013-2680,CVE-2013-2681,CVE-2013-2682,CVE-2013-2683,CVE-2013-2684. W... |
file | exploits/hardware/webapps/25292.txt |
id | EDB-ID:25292 |
last seen | 2016-02-03 |
modified | 2013-05-07 |
platform | hardware |
port | |
published | 2013-05-07 |
reporter | sqlhacker |
source | https://www.exploit-db.com/download/25292/ |
title | Cisco Linksys E4200 Firmware - Multiple Vulnerabilities |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/121551/ciscolinksyse4200-xsslfi.txt |
id | PACKETSTORM:121551 |
last seen | 2016-12-05 |
published | 2013-05-07 |
reporter | sqlhacker |
source | https://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html |
title | Cisco Linksys E4200 Cross Site Scripting / Local File Inclusion |
References
- http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html
- http://packetstormsecurity.com/files/121551/Cisco-Linksys-E4200-Cross-Site-Scripting-Local-File-Inclusion.html
- http://www.securityfocus.com/bid/59717
- http://www.securityfocus.com/bid/59717
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84071
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84071