CVE-2017-2148

CVE-2017-2148 describes a stored cross-site scripting vulnerability in the WN-AC1167GR wireless router from I-O DATA DEVICE, affecting firmware version 1.04 and earlier. The root cause is insufficient input sanitization allowing an authenticated attacker to inject arbitrary web script or HTML tha...