CVE-2014-4727

Currently unrated

Key Information:

Vendor: Tp-link
Status: Tl-wdr4300 Firmware; Tl-wdr4300
Vendor: CVE Published:; 30 September 2014

Summary

Cross-site scripting (XSS) vulnerability in the DHCP clients page in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware before 140916 allows remote attackers to inject arbitrary web script or HTML via the hostname in a DHCP request.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/96139

vdb-entryx_refsource_XF

http://www.securityfocus.com/archive/1/533501/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/533499/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Sep 30, 2014
Vulnerability Reserved
Jul 8, 2014