Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN92237169/index.html | Third Party Advisory VDB Entry |
http://corega.jp/support/security/20161111_wlr300nx.htm | Vendor Advisory |
http://www.securityfocus.com/bid/94248 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2017-06-09 09:29
Updated : 2017-06-16 08:46
NVD link : CVE-2016-7810
Mitre link : CVE-2016-7810
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
corega
- cg-wlr300nx
- cg-wlr300nx_firmware