Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote malicious users to inject arbitrary web script or HTML via the pwd parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arris na_model_862_gw_mono_firmware ts0705125d_031115 |
||
arris na_model_862_gw_mono_firmware ts0705125_062314 |
||
arris na_model_862_gw_mono_firmware ts070593c_073013 |
||
arris na_model_862_gw_mono_firmware ts0703128_100611 |
||
arris na_model_862_gw_mono_firmware ts0703135_112211 |