Cross-site scripting (XSS) vulnerability in the web interface on Huawei Echo Life HG8247 routers with software before V100R006C00SPC127 allows remote attackers to inject arbitrary web script or HTML via an invalid TELNET connection attempt with a crafted username that is not properly handled during construction of the "failed log-in attempts over telnet" log view.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.kb.cert.org/vuls/id/917700 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2014-04-05T01:00:00
Updated: 2024-08-06T09:13:10.293Z
Reserved: 2013-12-05T00:00:00
Link: CVE-2014-0337
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-04-05T04:01:37.547
Modified: 2024-11-21T02:01:54.343
Link: CVE-2014-0337
Redhat
No data.