CVE-2021-46109

Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) in ASUS RT-AC52U_B1 3.0.0.4.380.10931 can lead to a user session hijack.
Configurations

Configuration 1 (hide)

cpe:2.3:o:asus:rt-ac52u_b1_firmware:3.0.0.4.380.10931:*:*:*:*:*:*:*

History

21 Nov 2024, 06:33

Type Values Removed Values Added
References () https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing - Exploit, Third Party Advisory () https://drive.google.com/drive/folders/1GAOuZwPB-upkpjPgjB8qLIKl9Mh3IVfl?usp=sharing - Exploit, Third Party Advisory

Information

Published : 2022-01-03 15:15

Updated : 2024-11-21 06:33


NVD link : CVE-2021-46109

Mitre link : CVE-2021-46109

CVE.ORG link : CVE-2021-46109


JSON object : View

Products Affected

asus

  • rt-ac52u_b1_firmware
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')