CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7249

SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID field on the WiFi Network Configuration page (after a successful login to the admin account).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.6%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

https://sku11army.blogspot.com/2020/01/smc-networks-stored-cross-site.html
https://sku11army.blogspot.com/2020/01/smc-networks-stored-cross-site.html

Products affected by CVE-2020-7249

Smc » D3g0804 » Version: N/A

cpe:2.3:h:smc:d3g0804:-
Smc » D3g0804 Firmware » Version: 3.5.2.5-lat_ga

cpe:2.3:o:smc:d3g0804_firmware:3.5.2.5-lat_ga

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7249

Products

Pricing

Contact Us