Phillipine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 Cross-Site Scripting Vulnerabilities

The Phillipine Long Distance Telephone PLDT SpeedSurf 504AN and the Kasda KW58293 are modem and router all-in-one units. The PLDT SpeedSurf 504AN and Kasda KW58293 form2WlanSetup.cgi page fails to adequately filter the 'ssid' parameter, allowing a remote attacker to exploit the vulnerability by...

CVE-2013-3069

Multiple cross-site scripting XSS vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the 1 UserName or 2 Password to the NAS User Setup page, 3 deviceName to USBadvanced.htm, or 4 Network Key to the Wireless Setup...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the 1 UserName or 2 Password to the NAS User Setup page, 3 deviceName to USBadvanced.htm, or 4 Network Key to the Wireless Setup...

CVE-2013-3069

Multiple cross-site scripting XSS vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the 1 UserName or 2 Password to the NAS User Setup page, 3 deviceName to USBadvanced.htm, or 4 Network Key to the Wireless Setup...