CVE-2017-11650 in Vigor AP910Cinfo

Summary

Cross-site scripting (XSS) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to inject arbitrary web script or HTML via vectors involving home.asp.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

07/25/2017

Disclosure

03/06/2018

Moderation

VulDB entry created

Entries

1: VDB-114162

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

5.7

EPSS

0.00222

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-11650
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-11650
CVE Details	https://www.cvedetails.com/cve/CVE-2017-11650/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!