[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-2925Date: (C)2014-04-23   (M)2023-12-22


Cross-site scripting (XSS) vulnerability in Advanced_Wireless_Content.asp in ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote attackers to inject arbitrary web script or HTML via the current_page parameter to apply.cgi.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
http://seclists.org/fulldisclosure/2014/Apr/59
BID-66669
http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
http://www.asus.com/Networking/RTAC68U/HelpDesk_Download/
https://support.t-mobile.com/docs/DOC-21994

CPE    3
cpe:/h:asus:rt-ac68u:-
cpe:/o:asus:rt-ac68u_firmware:3.0.0.4.374_4887
cpe:/o:asus:rt-ac68u_firmware:3.0.0.4.374.4755
CWE    1
CWE-79

© SecPod Technologies