Vulnerability Note VU#941108
NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting vulnerability
NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting (XSS) vulnerability.
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A remote attacker can perform a stored cross-site scripting (XSS) attack against an authenticated user through the web interface allowing them to run scripts with the permission of the authenticated user.
Apply an Update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|NetComm Wireless Limited||Affected||05 Sep 2014||06 Oct 2014|
CVSS Metrics (Learn More)
Thanks to Katie Duczmal for reporting this vulnerability.
This document was written by Chris King.
- CVE IDs: CVE-2014-4871
- Date Public: 06 Oct 2014
- Date First Published: 06 Oct 2014
- Date Last Updated: 06 Oct 2014
- Document Revision: 7
If you have feedback, comments, or additional information about this vulnerability, please send us email.