Cross-Site Scripting Vulnerability in Cisco EPC3928 Management Interface
CVE-2015-6402

Currently unrated

Key Information:

Vendor

Cisco
Status
Epc3928 Docsis 3.0 8x4 Wireless Residential Gateway With Embedded Digital Voice Adapter
Vendor
CVE Published:
14 December 2015

What is CVE-2015-6402?

A cross-site scripting vulnerability exists in the management interface of Cisco EPC3928 devices running specific EDVA versions. This flaw allows remote attackers to inject arbitrary web scripts or HTML, which may lead to unauthorized actions or disclosure of sensitive information. The issue is associated with an unspecified value in the management interface, making it crucial for organizations using these devices to implement proper security measures to mitigate potential attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1034346
vdb-entryx_refsource_SECTRACK
https://www.exploit-db.com/exploits/39904/
exploitx_refsource_EXPLOIT-DB
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.