Vulnerability Details CVE-2017-14219
XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm. The attack vector is a crafted ESSID, as demonstrated by an "airbase-ng -e" command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2017-14219
-
cpe:2.3:h:intelbras:wrn_240:-
-
cpe:2.3:o:intelbras:wrn_240_firmware:-