CVE-2013-3069
Summary
| CVE | CVE-2013-3069 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-04-25 17:12:00 UTC |
| Updated | 2014-04-25 18:07:00 UTC |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow remote authenticated users to inject arbitrary web script or HTML via the (1) UserName or (2) Password to the NAS User Setup page, (3) deviceName to USB_advanced.htm, or (4) Network Key to the Wireless Setup page. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Netgear | Wndr4700 | - | All | All | All |
| Hardware | Netgear | Wndr4700 | - | All | All | All |
| Operating System | Netgear | Wndr4700 Firmware | 1.0.0.34 | All | All | All |
| Operating System | Netgear | Wndr4700 Firmware | 1.0.0.34 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf | MISC | securityevaluators.com | Exploit |
| 92557 | OSVDB | osvdb.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.