Added |
CPE Configuration |
|
AND
OR
*cpe:2.3:o:netgear:jnr1010_firmware:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.0.32
OR
cpe:2.3:h:netgear:jnr1010:-:*:*:*:*:*:*:* |
Added |
CVSS V2 |
|
NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N) |
Added |
CVSS V2 Metadata |
|
Victim must voluntarily interact with attack mechanism |
Added |
CVSS V3.1 |
|
NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Added |
CWE |
|
NIST CWE-79 |
Changed |
Reference Type |
http://007software.net/multiple-cross-site-scripting-in-netgear-router-version1-0-0-24/ No Types Assigned |
http://007software.net/multiple-cross-site-scripting-in-netgear-router-version1-0-0-24/ Third Party Advisory |
Changed |
Reference Type |
https://github.com/cybersecurityworks/Disclosed/issues/12 No Types Assigned |
https://github.com/cybersecurityworks/Disclosed/issues/12 Exploit, Third Party Advisory |
Changed |
Reference Type |
https://khalil-shreateh.com/khalil.shtml/it-highlights/592-Netgear-1.0.0.24-Cross-Site-Request-Forgery--.html No Types Assigned |
https://khalil-shreateh.com/khalil.shtml/it-highlights/592-Netgear-1.0.0.24-Cross-Site-Request-Forgery--.html Exploit, Third Party Advisory |
Changed |
Reference Type |
https://lists.openwall.net/full-disclosure/2016/01/11/1 No Types Assigned |
https://lists.openwall.net/full-disclosure/2016/01/11/1 Exploit, Mailing List |
Changed |
Reference Type |
https://packetstormsecurity.com/files/135194/Netgear-1.0.0.24-Cross-Site-Scripting.html No Types Assigned |
https://packetstormsecurity.com/files/135194/Netgear-1.0.0.24-Cross-Site-Scripting.html Exploit, Third Party Advisory, VDB Entry |