Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2024-33433

MEDIUM

Published 2024-05-13T19:56:22.474Z

Actions:

CVSS Score

V3.1

4.8

/10

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Base Score Metrics

Exploitability: N/A Impact: N/A

Attack Vector Metrics

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Impact Metrics

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Description

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

x2000r_firmware

Affected Versions:

1.0.0-b20231213.1013

References

https://github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/X2000R/XSS_2_Guest_Access_Control/README.md

Published: 2024-05-13T19:56:22.474Z

Last Modified: 2025-02-13T15:52:37.357Z

Copied to clipboard!