Описание
Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded.
Уязвимые конфигурации
Одновременно
EPSS
6.1 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
Связанные уязвимости
Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded.
Уязвимость микропрограммного обеспечения Wi‑Fi роутеров TP-Link Archer AX50 (AX3000), связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный JavaScript-код
EPSS
6.1 Medium
CVSS3
6.1 Medium
CVSS3