Draytek VigorAP 1000C contains a stored cross-site scripting (XSS) vulnerability in the RADIUS Setting - RADIUS Server Configuration module. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the username input field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
draytek vigorap_1000c_firmware 1.3.2 |
||
draytek vigorap_700_firmware 1.11 |
||
draytek vigorap_710_firmware 1.2.5 |
||
draytek vigorap_800_firmware 1.1.4 |
||
draytek vigorap_802_firmware 1.3.2 |
||
draytek vigorap_810_firmware 1.2.5 |
||
draytek vigorap_900_firmware 1.2.0 |
||
draytek vigorap_902_firmware 1.2.5 |
||
draytek vigorap_903_firmware 1.3.1 |
||
draytek vigorap_910c_firmware 1.2.5 |
||
draytek vigorap_912c_firmware 1.3.2 |
||
draytek vigorap_918r_firmware 1.3.2 |
||
draytek vigorap_920r_firmware 1.3.0 |