PT-2018-18860 · Foxconn · Foxconn Femto Ap-Fc4064-T

Publicado

2018-05-10

Atualizado

2018-06-13

CVE-2018-9111

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Foxconn FEMTO AP-FC4064-T AP GT B38 5.8.3lb15-W47 LTE Build 15

Description A Cross Site Scripting (XSS) issue exists, allowing an attacker to execute arbitrary script on an unsuspecting user's browser via the configuration of a user account.

Recommendations For Foxconn FEMTO AP-FC4064-T AP GT B38 5.8.3lb15-W47 LTE Build 15, consider disabling the user account configuration feature until a patch is available to prevent exploitation of the XSS issue. Restrict access to the user account configuration module to minimize the risk of arbitrary script execution. Avoid using the user account configuration feature in the affected build until the issue is resolved.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2018-9111

Produtos afetados

Foxconn Femto Ap-Fc4064-T

PT-2018-18860 · Foxconn · Foxconn Femto Ap-Fc4064-T

CVE-2018-9111

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3