CVE-2014-4871

Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpaPsk parameter.
References
Link Resource
http://www.kb.cert.org/vuls/id/941108 Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/70253
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:netcommwireless:nb604n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:netcommwireless:nb604n:-:*:*:*:*:*:*:*

Information

Published : 2014-10-07 03:55

Updated : 2015-10-05 19:38


NVD link : CVE-2014-4871

Mitre link : CVE-2014-4871


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

netcommwireless

  • nb604n_firmware
  • nb604n