Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN99810718/index.html | Third Party Advisory |
http://www.tlt.co.jp/tlt/information/seihin/notice/defect/20181219/20181219.htm | Vendor Advisory |
Information
Published : 2019-01-09 15:29
Updated : 2019-01-24 07:06
NVD link : CVE-2018-16199
Mitre link : CVE-2018-16199
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
toshiba
- hem-gw26a
- hem-gw16a
- hem-gw26a_firmware
- hem-gw16a_firmware