Cross-site scripting (XSS) vulnerability in lg.cgi in Cougar LG 1.9 allows remote attackers to inject arbitrary web script or HTML via the "addr" parameter.
6.1CVSS
6.3AI Score
0.003EPSS
Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials.
9.8CVSS
9.1AI Score
0.007EPSS
The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys.
7.5CVSS
7.8AI Score
0.003EPSS
lg.pl in Cistron-LG 1.01 stores sensitive information under the web root with insufficient access controls, which allows remote attackers to obtain IP addresses and other unspecified router credentials.
7.5CVSS
7.8AI Score
0.004EPSS