← Back to CVEs
CVE-2020-25498
MEDIUM4.8
Description
Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter.
CVE Details
CVSS v3.1 Score4.8
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredHIGH
User InteractionREQUIRED
Published1/6/2021
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
beetel:777vr1beetel:777vr1_firmware
Weaknesses (CWE)
CWE-79
References
http://beetel.com(cve@mitre.org)
https://github.com/the-girl-who-lived/CVE-2020-25498(cve@mitre.org)
https://youtu.be/qeVHvmS5wtI(cve@mitre.org)
https://youtu.be/u_6yBIMF74A(cve@mitre.org)
http://beetel.com(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/the-girl-who-lived/CVE-2020-25498(af854a3a-2127-422b-91ae-364da2661108)
https://youtu.be/qeVHvmS5wtI(af854a3a-2127-422b-91ae-364da2661108)
https://youtu.be/u_6yBIMF74A(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.