Cross-site Scripting Vulnerability in NetComm NB16WV-02 Router
CVE-2017-5900

5.4MEDIUM

Key Information:

Vendor

Netcomm

Status
Nb16wv-02 Firmware
Vendor
CVE Published:
29 March 2017

What is CVE-2017-5900?

The NetComm NB16WV-02 router features a cross-site scripting vulnerability that allows remote authenticated users to execute arbitrary web scripts or HTML. This can be exploited through the S801F0334 parameter in the hdd.htm page, potentially leading to unauthorized access to sensitive user information or manipulation of website content.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1038171
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/97161
vdb-entryx_refsource_BID
http://seclists.org/fulldisclosure/2017/Mar/75
mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.