Vulnerabilities (CVE)

Filtered by vendor Ez-net Subscribe
Filtered by product Next-7004n Firmware
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-2521 1 Ez-net 2 Next-7004n, Next-7004n Firmware 2024-05-17 4.0 MEDIUM 6.1 MEDIUM
A vulnerability was found in NEXTU NEXT-7004N 3.0.1. It has been classified as problematic. Affected is an unknown function of the file /boafrm/formFilter of the component POST Request Handler. The manipulation of the argument url with the input <svg onload=alert(1337)> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228012. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.