CVE-2022-26673 - CERT CVE

  1. CVE-2022-26673

ID CVE-2022-26673
Sažetak ASUS RT-AX88U has insufficient filtering for special characters in the HTTP header parameter. A remote attacker with general user privilege can exploit this vulnerability to inject JavaScript and perform Stored Cross-Site Scripting (XSS) attacks.
Reference
CVSS
Base: 3.5
Impact: 2.9
Exploitability:6.8
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM SINGLE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:M/Au:S/C:N/I:P/A:N
Zadnje važnije ažuriranje 04-05-2022 - 13:13
Objavljeno 22-04-2022 - 07:15