Cross-Site Scripting (XSS) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, as demonstrated by the action parameter to ajax.cgi.
References
Link | Resource |
---|---|
https://iscouncil.blogspot.com/2017/07/green-packet-dx-350-vulnerable-to-cross.html | Exploit Third Party Advisory |
https://iscouncil.blogspot.com/2017/07/green-packet-dx-350-vulnerable-to-cross.html | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://iscouncil.blogspot.com/2017/07/green-packet-dx-350-vulnerable-to-cross.html - Exploit, Third Party Advisory |
Information
Published : 2017-07-21 06:29
Updated : 2024-11-21 03:37
NVD link : CVE-2017-9931
Mitre link : CVE-2017-9931
CVE.ORG link : CVE-2017-9931
JSON object : View
Products Affected
greenpacket
- dx-350_firmware
- dx-350
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')