CVE-2017-16836: XSS
First published: Thu Nov 16 2017(Updated: )
Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Commscope Arris Tg1682g Firmware | =10.0.59.sip.pc20.ct | |
| Commscope Arris Tg1682g |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2017-16836.
What is the severity of CVE-2017-16836?
CVE-2017-16836 has a severity rating of 6.1 (Medium).
What is the affected software for CVE-2017-16836?
The affected software for CVE-2017-16836 is Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software.
How does CVE-2017-16836 work?
CVE-2017-16836 allows Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.
Is there a fix available for CVE-2017-16836?
Currently, there is no known fix available for CVE-2017-16836. It is recommended to contact the vendor for more information.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- vendor/commscope
- canonical/commscope arris tg1682g firmware
- version/commscope arris tg1682g firmware/10.0.59.sip.pc20.ct
- canonical/commscope arris tg1682g