7.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.2%
XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The affected script is cgi-bin/HASync/hasync.cgi.
seclists.org/bugtraq/2017/Jun/1
www.exploit-db.com/exploits/42130/
www.x41-dsec.de/lab/advisories/x41-2017-005-peplink/