Lucene search
PRIOn knowledge basePRION:CVE-2019-10677HistorySep 05, 2019 - 2:15 p.m.
Cross site scripting
2019-09-0514:15:00
PRIOn knowledge base
www.prio-n.com
5
0.01 Low
EPSS
Percentile
84.0%
Multiple Cross-Site Scripting (XSS) issues in the web interface on DASAN Zhone ZNID GPON 2426A EU version S3.1.285 devices allow a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameter: /zhndnsdisplay.cmd (name), /wlsecrefresh.wl (wlWscCfgMethod, wl_wsc_reg).
| CPE | Name | Operator | Version |
|---|---|---|---|
| znid_gpon_2426a_eu_firmware | eq | <= s3.1.285 |
Related
exploitpack
exploitpack
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting
2019-09-04 00:00:00
cvelist
cvelist
CVE-2019-10677
2019-09-05 13:23:06
packetstorm
packetstorm
DASAN Zhone ZNID GPON 2426A EU Cross Site Scripting
2019-09-04 00:00:00
cve
cve
CVE-2019-10677
2019-09-05 14:15:10
nvd
nvd
CVE-2019-10677
2019-09-05 14:15:10
zdt
zdt
exploitdb
exploitdb
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting
2019-09-04 00:00:00