Vulnerability Description
8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass intended restrictions via an extra HTTP Host header with additional leading text placed before the real Host header.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 8E6 | R3000 Internet Filter | 2.0.12.10 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/31391
- http://www.securityfocus.com/archive/1/495117/100/0/threaded
- http://www.securityfocus.com/bid/30541Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44238
- http://secunia.com/advisories/31391
- http://www.securityfocus.com/archive/1/495117/100/0/threaded
- http://www.securityfocus.com/bid/30541Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44238
FAQ
What is CVE-2008-3494?
CVE-2008-3494 is a vulnerability with a CVSS score of 7.8 (HIGH). 8e6 R3000 Internet Filter 2.0.12.10 allows remote attackers to bypass intended restrictions via an extra HTTP Host header with additional leading text placed before the real Host header.
How severe is CVE-2008-3494?
CVE-2008-3494 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3494?
Check the references section above for vendor advisories and patch information. Affected products include: 8E6 R3000 Internet Filter.