Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows remote attackers to inject arbitrary web script or HTML by requesting a nonexistent URI in conjunction with a crafted HTTP Referer header that is not properly handled in a 404 page. NOTE: there is no CVE for a "URL redirection" issue that some sources list separately.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Allegro RomPager HTTP Referer Header URI 跨站脚本漏洞
Vulnerability Description
Allegro Software Development RomPager是美国Allegro Software Development公司的一套嵌入式Web服务器工具包,它允许用户使用通用的Web浏览器管理和控制网络打印机、交换机和路由器等网络设备的万维网(WWW)服务。 Allegro RomPager 4.07及之前的版本中存在跨站脚本漏洞。远程攻击者可通过创建特制的请求利用该漏洞注入任意Web脚本或HTML。以下产品及型号受到影响:ZyXEL P660HW-D1,Huawei MT882,Site
CVSS Information
N/A
Vulnerability Type
N/A