Comtrend : Security Vulnerabilities, CVEs, (XSS)
A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service.
Max CVSS
5.4
EPSS Score
0.06%
Published
2020-10-23
Updated
2020-10-27
Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter.
Max CVSS
4.3
EPSS Score
2.23%
Published
2010-02-02
Updated
2010-02-03
2 vulnerabilities found