ID CVE-2017-14250Type cveReporter cve@mitre.orgModified 2017-11-22T17:06:00
Description
In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with Firmware Version 3.11.7 Build 100603 Rel.56412n and Hardware Version: WR741N v1/v2 00000000, parameter SSID in the "Wireless Settings" is not properly validated. It's possible to inject malicious code: </script><H1>BUG/* </script><a href=XXX.com>. The second payload blocks the change of wireless settings. A factory reset is required.
{"id": "CVE-2017-14250", "bulletinFamily": "NVD", "title": "CVE-2017-14250", "description": "In TP-LINK TL-WR741N / TL-WR741ND 150M Wireless Lite N Router with Firmware Version 3.11.7 Build 100603 Rel.56412n and Hardware Version: WR741N v1/v2 00000000, parameter SSID in the \"Wireless Settings\" is not properly validated. It's possible to inject malicious code: </script><H1>BUG/* </script><a href=XXX.com>. The second payload blocks the change of wireless settings. A factory reset is required.", "published": "2017-10-31T18:29:00", "modified": "2017-11-22T17:06:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14250", "reporter": "cve@mitre.org", "references": ["https://angeloanatrella86.github.io/CVE-2017/"], "cvelist": ["CVE-2017-14250"], "type": "cve", "lastseen": "2019-05-29T18:16:49", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "1879d270d7bfcdc74761e8031fe77026"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "b7b83a03631be290796d510d0f11bdfe"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "4d13f4723e2bc4f073f4e3ea1e4fa476"}, {"key": "cvss", "hash": "6ad09ba505ca87ef2de93918ce47c35a"}, {"key": "cvss2", "hash": "593bba4419af155b8c7f8e775b627a6c"}, {"key": "cvss3", "hash": "88edf57817dae99a433c5ac7689b35bb"}, {"key": "cwe", "hash": "226da5129ffaaee3d5b48e506b957d58"}, {"key": "description", "hash": "700f512af29ac906b8d1787b322960de"}, {"key": "href", "hash": "ee86d3e099cda06dfb18194c446114ac"}, {"key": "modified", "hash": "a0c0a1af251bdb34d29d4b058e68368a"}, {"key": "published", "hash": "e4ce7a62dedb88ff24ef1042f70fd67a"}, {"key": "references", "hash": "c3ed6fd891f3d71e269c0a2f5309cd50"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "4a52202777376d1471537e742e64ec44"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "52705979cc0d702fa2d5a83856d60444c029c43f7d320cf95263e4c9e3b12c03", "viewCount": 1, "enchantments": {"score": {"value": 4.5, "vector": "NONE", "modified": "2019-05-29T18:16:49"}, "dependencies": {"references": [], "modified": "2019-05-29T18:16:49"}, "vulnersScore": 4.5}, "objectVersion": "1.3", "cpe": ["cpe:/a:tp-link:tl-wr741n_firmware:3.11.7", "cpe:/a:tp-link:tl-wr741nd_firmware:3.11.7"], "affectedSoftware": [{"name": "tp-link tl-wr741n_firmware", "operator": "eq", "version": "3.11.7"}, {"name": "tp-link tl-wr741nd_firmware", "operator": "eq", "version": "3.11.7"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "cpe23": [], "cwe": ["CWE-20"]}
{}
