Cross-Site Scripting Vulnerability in Buffalo Broadband Routers
CVE-2017-10896

6.1MEDIUM

Key Information:

Vendor
CVE Published:
8 December 2017

What is CVE-2017-10896?

A cross-site scripting vulnerability exists in the Buffalo BBR-4HG and BBR-4MG broadband routers, affecting firmware versions 1.00 to 1.48 and 2.00 to 2.07. This security flaw allows attackers to inject arbitrary web scripts or HTML through unspecified vectors, potentially compromising the security of affected devices and the integrity of user data.

Affected Version(s)

BBR-4HG firmware 1.00 to 1.48

BBR-4HG firmware 2.00 to 2.07

BBR-4MG firmware 1.00 to 1.48

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.