CVE-2019-13407

CVE-2019-13407: Advan VD-1 has a reflected XSS vulnerability in page cgibin/ssi.cgi

Vendor Androvideo

Product Advan VD-1 firmware

Weakness CWE-79 · XSS

Published August 29, 2019

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly.

Key dates

02Disclosure timeline

August 29, 2019 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-13407 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

CVE-2019-13407: Advan VD-1 has a reflected XSS vulnerability in page cgibin/ssi.cgi

01Description

02Disclosure timeline

03References

04Related CVE