Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2017-16843

Published: 16/11/2017 Updated: 02/12/2017
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 355
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic.

Vulnerable Product Search on Vulmon Subscribe to Product

vonage vdv-23_firmware 3.2.11-0.9.40

Exploits

Exploit DB: Vonage VDV23 - Cross-Site Scripting
# Exploit Title: Vonage Home Router – Stored Xss # Date: 16/11/2017 # Exploit Author: Nu11By73 # Hardware Version: VDV-23: 115 # Software Version: 3211-0940 # CVE : CVE-2017-16843 NewKeyword Parameter: 1 Login to the router 2 Click advanced setup 3 Click parental controls 4 In the block these keywords text box enter: test”><sc ...

References

CWE-79https://www.exploit-db.com/exploits/43150/https://gh0s7.net/vonage/https://nvd.nist.govhttps://www.exploit-db.com/exploits/43150/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30043cameraCVE-2023-40404CVE-2024-2793client sideCVE-2024-4469CVE-2024-3565CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook