On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek vigor2925_firmware 3.8.4.3 |