Description
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2013-5540 | The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code, and modify settings or the DNS cache, via a crafted SSID value that is not properly handled during insertion into the sWlessSurvey value in variables.js. |
References
| Link | Providers |
|---|---|
| http://www.kb.cert.org/vuls/id/101462 |
|
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-17T01:57:00.232Z
Reserved: 2013-09-05T00:00:00.000Z
Link: CVE-2013-5703
No data.
Status : Modified
Published: 2013-10-22T22:55:07.347
Modified: 2026-06-16T23:59:16.343
Link: CVE-2013-5703
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
EUVD