Cross-Site Scripting Vulnerability in Belkin N900 Router
CVE-2013-3087

Currently unrated

Key Information:

Vendor: Belkin
Status: N900
Vendor: CVE Published:; 30 January 2014

What is CVE-2013-3087?

Multiple cross-site scripting (XSS) vulnerabilities in the Belkin N900 router enable remote attackers to inject arbitrary web scripts or HTML through the 'ssid2' parameter in wl_channel.html or the 'guest_psk' parameter in wl_guest.html. This exposure allows attackers to execute malicious scripts in the context of the affected user's session, posing risks to user data and device integrity.

References

http://securityevaluators.com/content/case-studies/router...

x_refsource_MISC

http://securityevaluators.com/knowledge/case_studies/rout...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/83831

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 30, 2014
Vulnerability Reserved
Apr 17, 2013