CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

OSV•added 2023/10/11 4:15 p.m.•2 views

CVE-2023-34354

A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to...

5.4CVSS7.4AI score0.00131EPSS

Exploits1References2

Talos•added 2023/10/11 12:0 a.m.•32 views

peplink Surf SOHO HW1 upload_brand.cgi cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2023-1781 peplink Surf SOHO HW1 uploadbrand.cgi cross-site scripting XSS vulnerability October 11, 2023 CVE Number CVE-2023-34354 SUMMARY A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in...

5.4CVSS4.8AI score0.00131EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by