Vulnerability Details CVE-2018-6355
/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 2017" firmware has Unauthenticated Stored Cross Site Scripting via the lang parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.4%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-6355
-
cpe:2.3:h:iball:ib-wrb302n:-
-
cpe:2.3:o:iball:ib-wrb302n_firmware:1.0.1-sep_8_2017