CVE-2008-1334
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-1334
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or modify administrative settings or make arbitrary VoIP telephone calls, by placing a character at the end of the PATH_INFO, as demonstrated by (1) %5C (encoded backslash), (2) '%' (percent), and (3) '~' (tilde). NOTE: the '/' (slash) vector is already covered by CVE-2007-5383.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
bt home_hub 'cgi/b' PATH_INFO权限绕过漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
BT Home Hub router的cgi/b允许远程攻击者通过在PATH_INFO的末端放置一个字符(例如,(1) %5C (已编码的反斜线符号), (2) '%' (百分比), 以及 (3) '~' (否定号)),来绕过权限,和读取或修改管理设置或拨打任意VoIP电话。 注意: '/' (斜线 )向量已被CVE-2007-5383覆盖.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-1334
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-1334
Please Login to view more intelligence information
- http://www.gnucitizen.org/projects/router-hacking-challenge/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2008-1334
Same Patch Batch · n/a · 2008-03-13 · 19 CVEs total
| CVE-2008-1319 | Versant Object Database Borland CaliberRM 不可靠搜索路径和变量注入漏洞 | |
| CVE-2008-1327 | Gallarific users.php和index.php 授权问题漏洞 | |
| CVE-2008-1326 | Gallarific 'search.php' 跨站脚本攻击漏洞 | |
| CVE-2008-1325 | Uberghey CMS 'index.php' 多个目录遍历漏洞 | |
| CVE-2008-1324 | Travelsized CMS 'index.php' 多个目录遍历漏洞 | |
| CVE-2008-1323 | WoltLab Burning Board Lite 'index.php' ThreadDelete操作跨站脚本攻击漏洞 | |
| CVE-2008-1322 | ASG-Sentry Network Manager 拒绝服务攻击漏洞 | |
| CVE-2008-1321 | ASG-Sentry Network Manager FxIAList服务拒绝服务漏洞 | |
| CVE-2008-1320 | ASG-Sentry Network Manager 多个缓冲区溢出漏洞 | |
| CVE-2007-6707 | Linksys WAG54GS Firmware 多个跨站脚本攻击漏洞 | |
| CVE-2008-1318 | MediaWiki JavaScript Object Notation API信息泄露漏洞 | |
| CVE-2008-1317 | Sun Solaris Inter-Process Communication (IPC) 本地拒绝服务漏洞 | |
| CVE-2008-1316 | QT-cute QuickTalk Forum 'qtf_ind_search_ov.php' SQL注入漏洞 | |
| CVE-2008-1315 | PHP-Nuke Zclassifieds模块SQL注入漏洞 | |
| CVE-2008-1336 | Koobi CMS 'index.php' SQL注入漏洞 | |
| CVE-2008-1335 | netbsd_current 设计错误漏洞 | |
| CVE-2007-6709 | Cisco Linksys WAG54GS Wireless-G ADSL Gateway 默认密码权限许可和访问控制漏洞 | |
| CVE-2007-6708 | Cisco Linksys WAG54GS Wireless-G ADSL Gateway firmware多个跨站请求伪造漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2008-1334
No comments yet