HomePentest-Tools.com Logo

DrayTek Vigor2700 Series < 2.8.4 Javascript Injection Vulnerability CVE-2013-5703

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Multiple DrayTek Vigor Routers are prone to a javascript injection vulnerability.

Risk description

Multiple DrayTek Vigor Routers allowing remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js.

Recommendation

Update to version 2.8.4 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 22, 2013
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available