Vulnerability Description
Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nec | Aterm Wf1200Cr Firmware | <= 1.1.1 |
| Nec | Aterm Wf1200Cr | - |
| Nec | Aterm Wg1200Cr Firmware | <= 1.0.1 |
| Nec | Aterm Wg1200Cr | - |
Related Weaknesses (CWE)
References
- https://jpn.nec.com/security-info/secinfo/nv18-021.htmlVendor Advisory
- https://jvn.jp/en/jp/JVN87535892/index.htmlThird Party Advisory
- https://jpn.nec.com/security-info/secinfo/nv18-021.htmlVendor Advisory
- https://jvn.jp/en/jp/JVN87535892/index.htmlThird Party Advisory
FAQ
What is CVE-2018-16193?
CVE-2018-16193 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to i...
How severe is CVE-2018-16193?
CVE-2018-16193 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-16193?
Check the references section above for vendor advisories and patch information. Affected products include: Nec Aterm Wf1200Cr Firmware, Nec Aterm Wf1200Cr, Nec Aterm Wg1200Cr Firmware, Nec Aterm Wg1200Cr.