Описание
Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name parameters present in the LAN configuration section of the administrative dashboard.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:arcadyan:vrv9506jac23_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:arcadyan:vrv9506jac23:-:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.0016
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
около 3 лет назад
Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 allow remote attackers to inject arbitrary web script or HTML via the hostName and domain_name parameters present in the LAN configuration section of the administrative dashboard.
EPSS
Процентиль: 37%
0.0016
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79