Security Advisory

CVE-2019-17524

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-11-13 14:36:01

Last updated 2024-08-05 01:40:15

Assigner mitre

State PUBLISHED

Description

An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the "Connected Clients" field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this.

← Browse all CVEs View on cve.org ↗