CVE-2014-7278

The login page on the ZyXEL SBG-3300 Security Gateway with firmware 1.00(AADY.4)C0 and earlier allows remote attackers to cause a denial of service (persistent web-interface outage) via JavaScript code within unspecified "welcome message" form data that is improperly handled during use for the loginMsg variable's value, a different vulnerability than CVE-2014-7277.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:zyxel:sbg3300-n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:sbg3300-n:-:*:*:*:*:*:*:*

Information

Published : 2014-10-04 03:55

Updated : 2017-09-07 18:29


NVD link : CVE-2014-7278

Mitre link : CVE-2014-7278


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

zyxel

  • sbg3300-n_firmware
  • sbg3300-n