CVE-2007-5385 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router as used for the BT Home Hub 6.2.6.B and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://securityreason.com/securityalert/3213 http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub http://www.securityfocus.com/archive/1/481835/100/0/threaded http://www.securityfocus.com/bid/25972 http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/