Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
No history.
Information
Published : 2016-06-19 01:59
Updated : 2024-02-28 15:21
NVD link : CVE-2016-1396
Mitre link : CVE-2016-1396
CVE.ORG link : CVE-2016-1396
JSON object : View
Products Affected
cisco
- rv130w_wireless-n_multifunction_vpn_router_firmware
- rv110w_wireless-n_vpn_firewall
- rv130w_wireless-n_multifunction_vpn_router
- rv215w_wireless-n_vpn_router_firmware
- rv215w_wireless-n_vpn_router
- rv110w_wireless-n_vpn_firewall_firmware
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')