CVE-2017-16836
CVE-2017-16836 describes an unauthenticated stored cross-site scripting (XSS) in Arris TG1682G devices running Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT. The vulnerability is exploitable via the service parameter of actionHandler/ajax_managed_services.php, allowing an attacker to inject arb...