Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models before firmware 1.0.4.44, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
grandstream gxv_device_firmware 1.0.4.38 |
||
grandstream gxv_device_firmware 1.0.4.37 |
||
grandstream gxv_device_firmware 1.0.4.34 |
||
grandstream gxv_device_firmware 1.0.4.27 |
||
grandstream gxv_device_firmware |
||
grandstream gxv_device_firmware 1.0.4.39 |
||
grandstream gxv_device_firmware 1.0.4.16 |
||
grandstream gxv_device_firmware 1.0.4.7 |
||
grandstream gxv_device_firmware 1.0.3.9 |
||
grandstream gxv_device_firmware 1.0.2.3 |
||
grandstream gxv_device_firmware 1.0.4.42 |
||
grandstream gxv_device_firmware 1.0.4.11 |
||
grandstream gxv_device_firmware 1.0.4.6 |
||
grandstream gxv3651fhd - |
||
grandstream gxv3662hd - |
||
grandstream gxv3615wp_hd - |
||
grandstream gxv3500 - |
||
grandstream gxv3601 - |
||
grandstream gxv3611hd\\/ll - |
||
grandstream gxv3501 - |
||
grandstream gxv3504 - |
||
grandstream gxv3601hd\\/ll - |
||
grandstream gxv3615w\\/p - |