Cross site scripting

2016-06-1901:59:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.5%

JSON

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.

CPENameOperatorVersion
rv110w_wireless-n_vpn_firewall_firmwareeq1.1.0.9
rv110w_wireless-n_vpn_firewall_firmwareeq1.2.0.9
rv110w_wireless-n_vpn_firewall_firmwareeq1.2.0.10
rv110w_wireless-n_vpn_firewall_firmwareeq1.2.1.4
rv130w_wireless-n_multifunction_vpn_router_firmwareeq1.0.0.21
rv130w_wireless-n_multifunction_vpn_router_firmwareeq1.0.1.3
rv130w_wireless-n_multifunction_vpn_router_firmwareeq1.0.2.7
rv215w_wireless-n_vpn_router_firmwareeq1.1.0.5
rv215w_wireless-n_vpn_router_firmwareeq1.1.0.6
rv215w_wireless-n_vpn_router_firmwareeq1.2.0.14

Name	Operator	Version
rv110w_wireless-n_vpn_firewall_firmware	eq	1.1.0.9
rv110w_wireless-n_vpn_firewall_firmware	eq	1.2.0.9
rv110w_wireless-n_vpn_firewall_firmware	eq	1.2.0.10
rv110w_wireless-n_vpn_firewall_firmware	eq	1.2.1.4
rv130w_wireless-n_multifunction_vpn_router_firmware	eq	1.0.0.21
rv130w_wireless-n_multifunction_vpn_router_firmware	eq	1.0.1.3
rv130w_wireless-n_multifunction_vpn_router_firmware	eq	1.0.2.7
rv215w_wireless-n_vpn_router_firmware	eq	1.1.0.5
rv215w_wireless-n_vpn_router_firmware	eq	1.1.0.6
rv215w_wireless-n_vpn_router_firmware	eq	1.2.0.14