Описание
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:draytek:vigor_2700_router_firmware:2.8.3:*:*:*:*:*:*:*
cpe:2.3:h:draytek:vigor_2700_router:-:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00509
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js.
EPSS
Процентиль: 66%
0.00509
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-78