Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-01-10T16:00:00

Updated: 2024-08-06T09:42:35.552Z

Reserved: 2014-01-10T00:00:00

Link: CVE-2014-1405

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-01-10T16:47:06.130

Modified: 2024-11-21T02:04:13.797

Link: CVE-2014-1405

cve-icon Redhat

No data.