VAR-200905-0193
Vulnerability from variot - Updated: 2023-12-18 12:22Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters. The Linksys WRT54GC router is prone to an access-validation vulnerability because of a lack of authentication when users access specific administration applications. Successful attacks will lead to a compromise of the vulnerable device, which may lead to further attacks. Linksys WRT54GC running firmware 1.05.7 is vulnerable; other versions may also be affected. Cisco Linksys WRT54GC is a small business/home wireless broadband router produced by Cisco. ----------------------------------------------------------------------
Secunia is pleased to announce the release of the annual Secunia report for 2008.
Highlights from the 2008 report: * Vulnerability Research * Software Inspection Results * Secunia Research Highlights * Secunia Advisory Statistics
Request the full 2008 Report here: http://secunia.com/advisories/try_vi/request_2008_report/
Stay Secure,
Secunia
TITLE: Linksys WRT54GC "administration.cgi" Security Bypass Vulnerability
SECUNIA ADVISORY ID: SA34805
VERIFY ADVISORY: http://secunia.com/advisories/34805/
DESCRIPTION: Gabriel Lima has reported a vulnerability in Linksys WRT54GC, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to the router allowing unrestricted access to the administration.cgi web interface script. This can be exploited to change the administrator's password by sending a specially crafted HTTP request to the affected script.
SOLUTION: Restrict internal network access to trusted users only.
PROVIDED AND/OR DISCOVERED BY: Gabriel Lima
ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2009-04/0198.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200905-0193",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wrt54gc",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.05.7"
},
{
"model": "linksys wrt54gc",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "1.05.7"
},
{
"model": "wrt54gc",
"scope": "eq",
"trust": 0.3,
"vendor": "linksys",
"version": "1.5.7"
}
],
"sources": [
{
"db": "BID",
"id": "34616"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:wrt54gc:1.05.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1561"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gabriel Lima",
"sources": [
{
"db": "BID",
"id": "34616"
}
],
"trust": 0.3
},
"cve": "CVE-2009-1561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2009-1561",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-39007",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-1561",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200905-075",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-39007",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2009-1561",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39007"
},
{
"db": "VULMON",
"id": "CVE-2009-1561"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters. The Linksys WRT54GC router is prone to an access-validation vulnerability because of a lack of authentication when users access specific administration applications. \nSuccessful attacks will lead to a compromise of the vulnerable device, which may lead to further attacks. \nLinksys WRT54GC running firmware 1.05.7 is vulnerable; other versions may also be affected. Cisco Linksys WRT54GC is a small business/home wireless broadband router produced by Cisco. ----------------------------------------------------------------------\n\nSecunia is pleased to announce the release of the annual Secunia\nreport for 2008. \n\nHighlights from the 2008 report:\n * Vulnerability Research\n * Software Inspection Results\n * Secunia Research Highlights\n * Secunia Advisory Statistics\n\nRequest the full 2008 Report here:\nhttp://secunia.com/advisories/try_vi/request_2008_report/\n\nStay Secure,\n\nSecunia\n\n\n----------------------------------------------------------------------\n\nTITLE:\nLinksys WRT54GC \"administration.cgi\" Security Bypass Vulnerability\n\nSECUNIA ADVISORY ID:\nSA34805\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/34805/\n\nDESCRIPTION:\nGabriel Lima has reported a vulnerability in Linksys WRT54GC, which\ncan be exploited by malicious people to bypass certain security\nrestrictions. \n\nThe vulnerability is caused due to the router allowing unrestricted\naccess to the administration.cgi web interface script. This can be\nexploited to change the administrator\u0027s password by sending a\nspecially crafted HTTP request to the affected script. \n\nSOLUTION:\nRestrict internal network access to trusted users only. \n\nPROVIDED AND/OR DISCOVERED BY:\nGabriel Lima\n\nORIGINAL ADVISORY:\nhttp://archives.neohapsis.com/archives/bugtraq/2009-04/0198.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"db": "BID",
"id": "34616"
},
{
"db": "VULHUB",
"id": "VHN-39007"
},
{
"db": "VULMON",
"id": "CVE-2009-1561"
},
{
"db": "PACKETSTORM",
"id": "76991"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-39007",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=32931",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39007"
},
{
"db": "VULMON",
"id": "CVE-2009-1561"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1561",
"trust": 2.6
},
{
"db": "BID",
"id": "34616",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "34805",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2009-1172",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20090418 LINKSYS WRT54GC - ADMIN PASSWORD CHANGE (POC)",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200905-075",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "32931",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-39007",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-1561",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "76991",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39007"
},
{
"db": "VULMON",
"id": "CVE-2009-1561"
},
{
"db": "BID",
"id": "34616"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"db": "PACKETSTORM",
"id": "76991"
},
{
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
]
},
"id": "VAR-200905-0193",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-39007"
}
],
"trust": 0.70416665
},
"last_update_date": "2023-12-18T12:22:54.285000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.cisco.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39007"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"db": "NVD",
"id": "CVE-2009-1561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://archives.neohapsis.com/archives/bugtraq/2009-04/0198.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/34616"
},
{
"trust": 1.8,
"url": "http://packetstormsecurity.org/0904-exploits/linksysadmin-passwd.txt"
},
{
"trust": 1.8,
"url": "http://www.falandodeseguranca.com/?p=17"
},
{
"trust": 1.8,
"url": "http://secunia.com/advisories/34805"
},
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2009/1172"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1561"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1561"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.3,
"url": "/archive/1/502800"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/352.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/32931/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/try_vi/request_2008_report/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/34805/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-39007"
},
{
"db": "VULMON",
"id": "CVE-2009-1561"
},
{
"db": "BID",
"id": "34616"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"db": "PACKETSTORM",
"id": "76991"
},
{
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-39007"
},
{
"db": "VULMON",
"id": "CVE-2009-1561"
},
{
"db": "BID",
"id": "34616"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"db": "PACKETSTORM",
"id": "76991"
},
{
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-39007"
},
{
"date": "2009-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1561"
},
{
"date": "2009-04-20T00:00:00",
"db": "BID",
"id": "34616"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"date": "2009-04-27T15:17:43",
"db": "PACKETSTORM",
"id": "76991"
},
{
"date": "2009-05-06T16:30:00.703000",
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"date": "2009-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-05-07T00:00:00",
"db": "VULHUB",
"id": "VHN-39007"
},
{
"date": "2009-05-07T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1561"
},
{
"date": "2009-04-21T22:36:00",
"db": "BID",
"id": "34616"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003395"
},
{
"date": "2009-05-07T04:00:00",
"db": "NVD",
"id": "CVE-2009-1561"
},
{
"date": "2009-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Linksys WRT54GC Router administration.cgi Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003395"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200905-075"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…