On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2url.cgi (aka the Keyword field of the URL Blocking Configuration).
6.1CVSS
6AI Score
0.002EPSS
6.5CVSS
6.5AI Score
0.002EPSS
On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname parameter (Dynamic DNS Configuration).
6.1CVSS
6AI Score
0.002EPSS
On Netis DL4323 devices, XSS exists via the form2userconfig.cgi username parameter (User Account Configuration).
6.1CVSS
6AI Score
0.002EPSS
On Netis DL4323 devices, any user role can view sensitive information, such as a user password or the FTP password, via the form2saveConf.cgi page.
8.8CVSS
8.7AI Score
0.001EPSS
6.1CVSS
6AI Score
0.002EPSS
On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the Dynamic DNS Configuration).
6.1CVSS
6AI Score
0.002EPSS