exploitDog

CVE-2018-13134

Опубликовано: 04 июл. 2018

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI.

Ссылки

https://www.exploit-db.com/exploits/45970/
Exploit
Third Party Advisory
VDB Entry
https://www.xc0re.net/2018/05/25/tp-link-wireless-router-archer-c1200-cross-site-scripting/
Third Party Advisory
https://www.exploit-db.com/exploits/45970/
Exploit
Third Party Advisory
VDB Entry
https://www.xc0re.net/2018/05/25/tp-link-wireless-router-archer-c1200-cross-site-scripting/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tp-link:archer_c1200_firmware:1.13:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:archer_c1200:-:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00364

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-cm9h-5j6h-gr93

CVSS3: 6.1

github

больше 3 лет назад

TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI.

EPSS

Процентиль: 58%

0.00364

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79