CVE-2018-16199

6.1MEDIUM

Key Information:

Vendor: Toshiba
Status: Toshiba Home Gateway Hem-gw16a And Toshiba Home Gateway Hem-gw26a
Vendor: CVE Published:; 9 January 2019

Summary

Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors.

Affected Version(s)

Toshiba Home gateway HEM-GW16A and Toshiba Home gateway HEM-GW26A (Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier)

References

https://jvn.jp/en/jp/JVN99810718/index.html

third-party-advisoryx_refsource_JVN

http://www.tlt.co.jp/tlt/information/seihin/notice/defect...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 9, 2019
Vulnerability Reserved
Aug 30, 2018