Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to conduct Open Redirect attacks via the return-url parameter to /goform/formLogout.
References
Link | Resource |
---|---|
https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf | Exploit Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2017-04-02 22:59
Updated : 2017-04-10 15:40
NVD link : CVE-2016-10316
Mitre link : CVE-2016-10316
JSON object : View
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Products Affected
jensenofscandinavia
- al5000ac
- al3g_firmware
- al59300_firmware
- al59300
- al3g
- al5000ac_firmware