GL.iNet GL-AR150 2.x prior to 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gl-inet gl-ar150_firmware |