6 matches found
CVE-2024-41584
DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation of the sFormAuthStr parameter...
CVE-2024-41584
DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation of the sFormAuthStr parameter...
DrayTek Vigor 3910 安全漏洞
The DrayTek Vigor 3910 is a high-performance router for enterprise networks from DrayTek. A security vulnerability exists in the DrayTek Vigor 3910 version 4.3.2.6 and prior versions, which stems from a lack of validation of the sFormAuthStr parameter...
CVE-2024-41584
CVE-2024-41584 affects DrayTek Vigor3910 devices up to firmware 4.3.2.6, where a reflected XSS vulnerability exists due to missing validation of the sFormAuthStr parameter. The issue is exploitable by authenticated users via the Web UI, with CVSS 3.1 base score 4.7 (Network, Low attack complexity...
CVE-2024-41584
DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation of the sFormAuthStr parameter...
CVE-2024-41584
DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation of the sFormAuthStr parameter...