QwikSec

Security Database

CVE

CWE

Training

CVE-2015-2681

Published: Mar 23, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) next_page, (2) group_id, (3) action_script, or (4) flag parameter to start_apply.htm.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20150307 Fw: Vulnerabilities in ASUS RT-G32

mailing-list

x_refsource_FULLDISC

http://packetstormsecurity.com/files/130724/ASUS-RT-G32-Cross-Site-Request-Forgery-Cross-Site-Scripting.html

x_refsource_MISC

http://websecurity.com.ua/7644/

x_refsource_MISC

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.