CVE-2020-23617: XSS
First published: Mon May 02 2022(Updated: )
A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via SCRIPT element.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink N200re Firmware | =2.0 | |
| Totolink N200RE | ||
| Totolink N100re Firmware | =2.0 | |
| Totolink N100re |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-23617?
The severity of CVE-2020-23617 is medium with a CVSS score of 6.1.
What is the affected software of CVE-2020-23617?
The affected software of CVE-2020-23617 includes Totolink N200RE Firmware 2.0 and Totolink N100RE Firmware 2.0.
How can an attacker exploit CVE-2020-23617?
An attacker can exploit CVE-2020-23617 by executing arbitrary web scripts or HTML via the SCRIPT element on the error page of Totolink N200RE and N100RE Routers 2.0.
Is Totolink N200RE vulnerable to CVE-2020-23617?
No, Totolink N200RE is not vulnerable to CVE-2020-23617.
Is Totolink N100RE vulnerable to CVE-2020-23617?
No, Totolink N100RE is not vulnerable to CVE-2020-23617.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/totolink
- canonical/totolink n200re firmware
- version/totolink n200re firmware/2.0
- canonical/totolink n200re
- canonical/totolink n100re firmware
- version/totolink n100re firmware/2.0
- canonical/totolink n100re