Lucene search

[email protected]NVD:CVE-2012-6316

HistorySep 30, 2014 - 2:55 p.m.

CVE-2012-6316

2014-09-3014:55:07

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.

Affected configurations

Nvd

Node

tp-linktl-wr841n_firmwareRange≤3.13.9

AND

tp-linktl-wr841nMatch-

VendorProductVersionCPE
tp-linktl-wr841n_firmware*cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*
tp-linktl-wr841n-cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tp-link	tl-wr841n_firmware	*	cpe:2.3:o:tp-link:tl-wr841n_firmware::::::::
tp-link	tl-wr841n	-	cpe:2.3:h:tp-link:tl-wr841n:-:::::::*

References

seclists.org/fulldisclosure/2012/Dec/93

www.securityfocus.com/bid/56602

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON

Related for NVD:CVE-2012-6316

prion1 packetstorm1 cvelist1 cve1