NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting (XSS) vulnerability.
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A remote attacker can perform a stored cross-site scripting (XSS) attack against an authenticated user through the web interface allowing them to run scripts with the permission of the authenticated user.
Apply an Update
NetComm Wireless Limited
Thanks to Katie Duczmal for reporting this vulnerability.
This document was written by Chris King.
|Date First Published:||2014-10-06|
|Date Last Updated:||2014-10-06 17:18 UTC|