Cross-Site Scripting Vulnerability in Digisol Wireless Wifi Home Router
CVE-2018-14027

6.1MEDIUM

Key Information:

Vendor: Digisol
Status: Dg-hr-3300 Firmware
Vendor: CVE Published:; 5 July 2019

What is CVE-2018-14027?

The Digisol Wireless Wifi Home Router HR-3300 has a vulnerability that allows for cross-site scripting (XSS) attacks via the userid or password parameters on the admin login page. This could enable attackers to inject malicious scripts, potentially compromising the security and integrity of the device, as well as the data of users accessing the router.

References

https://indiancybersecuritysolutions.com/cve-2018-14027-x...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 5, 2019
Vulnerability Reserved
Jul 12, 2018