exploitDog

CVE-2014-7278

Опубликовано: 04 окт. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginMsg variable's value, a different vulnerability than CVE-2014-7277.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:zyxel:sbg3300-n_firmware:*:*:*:*:*:*:*:*

Версия до 1.00\(aady.4\)c0 (включая)

cpe:2.3:h:zyxel:sbg3300-n:-:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00687

Низкий

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-9r9m-5qr9-wxj8

github

больше 3 лет назад

The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginMsg variable's value, a different vulnerability than CVE-2014-7277.

EPSS

Процентиль: 71%

0.00687

Низкий

5 Medium

CVSS2

Дефекты

CWE-20