Cross-Site Scripting Vulnerability in Cisco Linksys E4200 Devices
CVE-2013-2684

6.1MEDIUM

Key Information:

Vendor

Cisco
Status
Linksys E4200 Firmware
Vendor
CVE Published:
6 February 2020

What is CVE-2013-2684?

The Cisco Linksys E4200 devices are susceptible to a Cross-Site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts or HTML. This can occur through various unspecified vectors, posing significant risks to users by leveraging browser vulnerabilities for malicious purposes. Implementing security measures is essential to mitigate this threat, ensuring the safety and security of system users.

References

http://www.securityfocus.com/bid/59716
vdb-entryx_refsource_BID
http://packetstormsecurity.com/files/121551/Cisco-Linksys...
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/84070
vdb-entryx_refsource_XF

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2013-2684 : Cross-Site Scripting Vulnerability in Cisco Linksys E4200 Devices