exploitDog

GHSA-4m44-9r37-q4q5

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.

XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.

Ссылки

EPSS

Процентиль: 83%

0.02047

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-8838

CVSS3: 6.1

nvd

больше 8 лет назад

XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.

EPSS

Процентиль: 83%

0.02047

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79