CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-8827

The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2761005-20161004084353 displays unsanitised user input, which allows an unauthenticated malicious user to embed JavaScript into the Log viewer interface via a crafted HTTP Referer header, aka XSS.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

http://45.32.113.185/075a6fa2d5db3bf3457896bee6db6787.html
http://45.32.113.185/075a6fa2d5db3bf3457896bee6db6787.html

Products affected by CVE-2018-8827

Technicolor » Tg789vac » Version: 2

cpe:2.3:h:technicolor:tg789vac:2
Technicolor » Tg789vac Firmware » Version: 16.3.7190-2761005-20161004084353

cpe:2.3:o:technicolor:tg789vac_firmware:16.3.7190-2761005-20161004084353

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-8827

Products

Pricing

Contact Us