Skip to main content

Vigor2860Ac Firmware

1 CVEs product

Monthly

CVE-2023-23313 MEDIUM This Month

Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Vigor2860 Firmware Vigor2860N Firmware Vigor2860N Plus Firmware Vigor2860Vn Plus Firmware +87
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 0% CVSS 6.1
MEDIUM This Month

Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Vigor2860 Firmware Vigor2860N Firmware +89
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy