Lucene search
PRIOn knowledge basePRION:CVE-2014-9021HistoryNov 20, 2014 - 5:50 p.m.
Cross site scripting
2014-11-2017:50:00
PRIOn knowledge base
www.prio-n.com
3
Multiple cross-site scripting (XSS) vulnerabilities in ZTE ZXDSL 831 allow remote attackers to inject arbitrary web script or HTML via the (1) tr69cAcsURL, (2) tr69cAcsUser, (3) tr69cAcsPwd, (4) tr69cConnReqPwd, or (5) tr69cDebugEnable parameter to the TR-069 client page (tr69cfg.cgi); the (6) timezone parameter to the Time and date page (sntpcfg.sntp); or the (7) hostname parameter in a save action to the Quick Stats page (psilan.cgi). NOTE: this issue was SPLIT from CVE-2014-9020 per ADT1 due to different affected products and codebases.
Related
cve
cve
CVE-2014-9021
2014-11-20 17:50:10
CVE-2014-9020
2014-11-20 17:50:08
cvelist
cvelist
CVE-2014-9021
2014-11-20 17:00:00
CVE-2014-9020
2014-11-20 17:00:00
nvd
nvd
CVE-2014-9021
2014-11-20 17:50:10
CVE-2014-9020
2014-11-20 17:50:08
packetstorm
packetstorm
ZTE ZXDSL 831 Cross Site Scripting
2014-11-07 00:00:00
ZTE 831CII Hardcoded Credential / XSS / CSRF
2014-11-07 00:00:00
prion
prion
Cross site scripting
2014-11-20 17:50:00