CVE-2019-17523

Sažetak

An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp.

Reference

https://gitlab.com/luiss/cve_repo/blob/master/CVE-2019-17524/README.md
https://www.technicolor.com/news

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:N/I:P/A:N

Zadnje važnije ažuriranje

15-11-2019 - 16:34

Objavljeno

13-11-2019 - 15:15