Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-3069

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2013-3069
Last Modified 25 Apr 2014 02:07:16
Published 25 Apr 2014 01:12:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2013-3069

Summary

Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Password to the NAS User Setup page, (3) deviceName to USB_advanced.htm, or (4) Network Key to the Wireless Setup page.

Vulnerable Systems

Operating System

  • Netgear Wndr4700 Firmware 1.0.0.34


References

MISC - http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf

OSVDB - 92557


Last Updated: 27 May 2016 11:05:05