This page has been reproduced from here for archival purposes.
Network Everywhere Router Lets Remote Users Inject Scripts Via DHCP Messages
SecurityTracker Alert ID: 1011066
SecurityTracker URL: http://securitytracker.com/id/1011066
CVE Reference: GENERIC-MAP-NOMATCH
Date: Aug 25 2004
Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Exploit Included: Yes
Version(s): firmware rev 1.2 Release 03; Model NR041
Description: A vulnerability was reported in the Network Everywhere NR041 router. A remote user can conduct scripting attacks against the administrator.
Mathieu Lacroix reported that the router does not filter user-supplied input in the DHCP HOSTNAME option when displaying information on the administrative interface. A remote user can inject scripting code into a DHCP HOSTNAME option to cause arbitrary scripting code to be executed when a target user views the interface.
The remote user must have access to the internal interface, the report said.
The vendor was reportedly notified on August 13, 2004, without response.
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the device, access data recently submitted by the target user via web form to the device, or take actions on the device acting as the target user.
Solution: No solution was available at the time of this entry.
Vendor URL: www.networkeverywhere.com/products/nr041.asp
Cause: Input validation error
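The following is an added example, not part of the original advisory and not the vendor's firmware code. It shows the two controls whose absence the advisory describes: validating the DHCP HOSTNAME option (option 12) when it is read from a client message, and HTML-escaping it when it is written into the administrative page. The function names, the single-label hostname policy, and the sample option bytes are assumptions constructed for illustration.

```python
import html
import re

HOSTNAME_OPT, PAD, END = 12, 0, 255   # DHCP option codes (RFC 2132)
# Assumed policy: one RFC 1123 style label (letters, digits, inner hyphens).
LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

def dhcp_hostname(options: bytes):
    """Walk the option TLVs; return the raw option 12 value, or None."""
    i = 0
    while i < len(options) and options[i] != END:
        code = options[i]
        if code == PAD:               # PAD has no length byte
            i += 1
            continue
        if i + 1 >= len(options):
            return None               # truncated: missing length byte
        length = options[i + 1]
        value = options[i + 2:i + 2 + length]
        if len(value) < length:
            return None               # truncated value
        if code == HOSTNAME_OPT:
            return value
        i += 2 + length
    return None

def safe_hostname(raw):
    """Input validation: keep a well-formed label, else a fixed placeholder."""
    if raw is None:
        return "(none)"
    try:
        name = raw.decode("ascii")
    except UnicodeDecodeError:
        return "(invalid)"
    return name if LABEL.fullmatch(name) else "(invalid)"

def render_row(ip: str, raw_hostname) -> str:
    """Output encoding: escape every value written into the admin page."""
    cells = (ip, safe_hostname(raw_hostname))
    return "<tr>" + "".join(f"<td>{html.escape(c)}</td>" for c in cells) + "</tr>"

def opt(code: int, value: bytes) -> bytes:
    """Build one option TLV for the constructed samples below."""
    return bytes([code, len(value)]) + value

# Constructed option fields: message type, host name, END.
GOOD = opt(53, b"\x03") + opt(HOSTNAME_OPT, b"laptop") + bytes([END])
BAD = opt(53, b"\x03") + opt(HOSTNAME_OPT, b"<script>alert(1)</script>") + bytes([END])
```

Escaping at render time is the control that addresses the reported flaw; the validation step additionally keeps malformed names out of stored lease data that other pages or logs may display.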