Vulnerability Details CVE-2021-44148
GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.2%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2021-44148
-
cpe:2.3:h:gl-inet:gl-ar150:-
-
cpe:2.3:o:gl-inet:gl-ar150_firmware:*