Description
Cross-site scripting in parent_control.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to execute arbitrary JavaScript by modifying the "Description" field and "Service Name" field.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2021-20890 | Cross-site scripting in parent_control.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to execute arbitrary JavaScript by modifying the "Description" field and "Service Name" field. |
References
| Link | Providers |
|---|---|
| https://github.com/pup2y/IoTVul/tree/main/TOTOLINK/A3002R |
|
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-04T00:05:52.473Z
Reserved: 2021-06-07T00:00:00.000Z
Link: CVE-2021-34228
No data.
Status : Modified
Published: 2021-08-20T17:15:07.647
Modified: 2026-06-17T03:55:34.037
Link: CVE-2021-34228
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD