Описание
Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser.
Ссылки
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.08 (включая)
Одновременно
cpe:2.3:o:elecom:wrc-x3000gs2-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-x3000gs2-b:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.08 (включая)
Одновременно
cpe:2.3:o:elecom:wrc-x3000gs2-w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-x3000gs2-w:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 1.08 (включая)
Одновременно
cpe:2.3:o:elecom:wrc-x3000gs2a-b_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:elecom:wrc-x3000gs2a-b:-:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00973
Низкий
6.1 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 1 года назад
Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web browser.
EPSS
Процентиль: 76%
0.00973
Низкий
6.1 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-79
CWE-79