CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1207

Cross-site scripting (XSS) vulnerability on I-O DATA DEVICE WN-G300R devices with firmware 1.12 and earlier, WN-G300R2 devices with firmware 1.12 and earlier, and WN-G300R3 devices with firmware 1.01 and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.0%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2016-1207

Iodata » Wn-G300r2 » Version: N/A

cpe:2.3:h:iodata:wn-g300r2:-
Iodata » Wn-G300r3 » Version: N/A

cpe:2.3:h:iodata:wn-g300r3:-
Iodata » Wn-G300r » Version: N/A

cpe:2.3:h:iodata:wn-g300r:-
Iodata » Wn-G300r2 Firmware » Version: 1.12

cpe:2.3:o:iodata:wn-g300r2_firmware:1.12
Iodata » Wn-G300r3 Firmware » Version: 1.01

cpe:2.3:o:iodata:wn-g300r3_firmware:1.01
Iodata » Wn-G300r Firmware » Version: 1.12

cpe:2.3:o:iodata:wn-g300r_firmware:1.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1207

Products

Pricing

Contact Us