Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCERT-PLCVELIST:CVE-2023-49260
HistoryJan 12, 2024 - 2:25 p.m.

CVE-2023-49260 Stored cross-site scripting vulnerability

2024-01-1214:25:17
CWE-79
CERT-PL
www.cve.org
xss
motd
terminal_tool
cve-2023-49260
vulnerability
cve-2023-49255

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

An XSS attack can be performed by changing the MOTD banner and pointing the victim to the “terminal_tool.cgi” path. It can be used together with the vulnerability CVE-2023-49255.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "H8951-4G-ESP",
    "vendor": "Hongdian",
    "versions": [
      {
        "lessThan": "2310271149",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Related

nvd 2
cve 2
prion 2
cvelist 1
nvd
nvd
CVE-2023-49260
2024-01-12 15:15:09
CVE-2023-49255
2024-01-12 15:15:09
cve
cve
CVE-2023-49260
2024-01-12 15:15:09
CVE-2023-49255
2024-01-12 15:15:09
prion
prion
Path traversal
2024-01-12 15:15:00
Default credentials
2024-01-12 15:15:00
cvelist
cvelist
CVE-2023-49255 Router console accessible without authentication
2024-01-12 14:23:53

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON
Related for CVELIST:CVE-2023-49260
nvd2cve2prion2cvelist1