Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-17524 | 1 Technicolor | 2 Tc7300.b0, Tc7300.b0 Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the "Connected Clients" field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this. | |||||
CVE-2019-17523 | 1 Technicolor | 2 Tc7300.b0, Tc7300.b0 Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp. |