An injection vulnerability exists in RT-AC88U Download Master prior to 3.1.0.108. Accessing Main_Login.asp?flag=1&productname=FOOBAR&url=/downloadmaster/task.asp will redirect to the login site, which will show the value of the parameter productname within the title. An attacker might be able to influence the appearance of the login page, aka text injection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
asus rt-ac88u firmware |