Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-01-10T16:00:00
Updated: 2024-08-06T09:42:35.552Z
Reserved: 2014-01-10T00:00:00
Link: CVE-2014-1405
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-01-10T16:47:06.130
Modified: 2024-11-21T02:04:13.797
Link: CVE-2014-1405
Redhat
No data.