CVE Daily

CVE-2019-20076

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (Dy...

Medium CVSS 6.1

Overview

On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username parameter (DynDns settings of the Dynamic DNS Configuration).

CWE: CWE-79 Published: 2019-12-30T00:15:11.753
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.1 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags