Описание
A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- Exploit
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
- Exploit
Уязвимые конфигурации
Одновременно
EPSS
2.4 Low
CVSS3
3.4 Low
CVSS3
3.3 Low
CVSS2
Дефекты
Связанные уязвимости
A vulnerability, which was classified as problematic, has been found in TOTOLINK A3002R 2.1.1-B20230720.1011. This issue affects some unknown processing of the component VPN Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Уязвимость компонента VPN Page микропрограммного обеспечения роутеров TOTOLINK A3002R, позволяющая нарушителю проводить межсайтовые сценарные атаки
EPSS
2.4 Low
CVSS3
3.4 Low
CVSS3
3.3 Low
CVSS2