exploitDog

CVE-2020-8090

Опубликовано: 27 янв. 2020

Источник: nvd

CVSS3: 4.8

CVSS2: 3.5

EPSS Низкий

Описание

The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login).

Ссылки

https://sku11army.blogspot.com/2020/01/a1-modem-wlan-box-adb-vv2220.html
Exploit
Third Party Advisory
https://sku11army.blogspot.com/2020/01/a1-modem-wlan-box-adb-vv2220.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:a1:wlan_box_adb_vv2220_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:a1:wlan_box_adb_vv2220:2:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00323

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-9mmr-pqm2-6vvf

github

больше 3 лет назад

The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login).

EPSS

Процентиль: 55%

0.00323

Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79