CVE-2019-16534

On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.draytek.com/about/security-advisory/urgent-security-updates-to-draytek-routers
https://www.facebook.com/Huang.YuHsiang.Phone/posts/1815316691945755	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:draytek:vigor2925_firmware:3.8.4.3:*:*:*:*:*:*:*

OR	cpe:2.3:h:draytek:vigor_2925:-:::::::*
	cpe:2.3:h:draytek:vigor_2925n:-:::::::*
	cpe:2.3:h:draytek:vigor2925ac:-:::::::*
	cpe:2.3:h:draytek:vigor2925fn:-:::::::*
	cpe:2.3:h:draytek:vigor2925n-plus:-:::::::*
	cpe:2.3:h:draytek:vigor2925vac:-:::::::*
	cpe:2.3:h:draytek:vigor2925vn-plus:-:::::::*

History

No history.

Information

Published : 2019-09-20 16:15

Updated : 2024-02-28 17:28

NVD link : CVE-2019-16534

Mitre link : CVE-2019-16534

CVE.ORG link : CVE-2019-16534

JSON object : View

Products Affected

draytek

vigor_2925
vigor2925vac
vigor2925fn
vigor2925_firmware
vigor2925n-plus
vigor2925vn-plus
vigor2925ac
vigor_2925n

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2019-16534", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2019-09-20T16:15:13.617", "references": [{"url": "https://www.draytek.com/about/security-advisory/urgent-security-updates-to-draytek-routers", "source": "cve@mitre.org"}, {"url": "https://www.facebook.com/Huang.YuHsiang.Phone/posts/1815316691945755", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product."}, {"lang": "es", "value": "En los dispositivos On DrayTek Vigor2925 con versi\u00f3n de firmware 3.8.4.3, se presenta una vulnerabilidad de tipo XSS por medio de un nombre de WAN dise\u00f1ado en la pantalla General Setup. NOTA: este es un producto al final de su vida \u00fatil."}], "lastModified": "2020-04-06T19:15:12.557", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:draytek:vigor2925_firmware:3.8.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06F99492-F7E7-44E5-971F-FEA23B556B34"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:draytek:vigor_2925:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8320C78-49F7-47D5-BD7E-C19B466013A9"}, {"criteria": "cpe:2.3:h:draytek:vigor_2925n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5EF35CFC-7C7F-4225-87B9-FEBA6B27A536"}, {"criteria": "cpe:2.3:h:draytek:vigor2925ac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2AA7A61-2672-425D-89D0-4BE755FA6BFD"}, {"criteria": "cpe:2.3:h:draytek:vigor2925fn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A4DE43C-8CE1-4DF4-B648-106E1A61C89B"}, {"criteria": "cpe:2.3:h:draytek:vigor2925n-plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8940245-090F-40AF-A0F5-F56AC2DDCE9A"}, {"criteria": "cpe:2.3:h:draytek:vigor2925vac:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F0C0AA77-8B78-425A-B9E8-078B79C4AC66"}, {"criteria": "cpe:2.3:h:draytek:vigor2925vn-plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "216C7078-B72E-46B4-A039-6D3331A5AA13"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}