vendor:
Ubee EVW3200
by:
Jeroen - IT Nerdbox
N/A
CVSS
N/A
Persistent Cross Site Scripting
CWE
Product Name: Ubee EVW3200
Affected Version From: All
Affected Version To:
Patch Exists:
Related CWE:
CPE:
Platforms Tested:
2/3/2014
Ubee EVW3200 – Multiple Persistent Cross Site Scripting
The SSID and Device name settings in the wireless configuration do not sanitize their input. The VPN Tunnel name is also vulnerable for persistent XSS.