CVE-2017-10896

2017-12-0815:00:00

jpcert

www.cve.org

EPSS

0.001

Percentile

32.7%

JSON

Cross-site scripting vulnerability in Buffalo BBR-4HG and and BBR-4MG broadband routers with firmware 1.00 to 1.48 and 2.00 to 2.07 allows an attacker to inject arbitrary web script or HTML via unspecified vectors.

CNA Affected

[
  {
    "product": "BBR-4HG",
    "vendor": "BUFFALO INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware 1.00 to 1.48"
      },
      {
        "status": "affected",
        "version": "firmware 2.00 to 2.07"
      }
    ]
  },
  {
    "product": "BBR-4MG",
    "vendor": "BUFFALO INC.",
    "versions": [
      {
        "status": "affected",
        "version": "firmware 1.00 to 1.48"
      },
      {
        "status": "affected",
        "version": "firmware 2.00 to 2.07"
      }
    ]
  }
]

References

buffalo.jp/support_s/s20171201.html

jvn.jp/en/jp/JVN65994435/index.html

EPSS

0.001

Percentile

32.7%

JSON

Related for CVELIST:CVE-2017-10896