ID
VAR-201705-3885
CVE
CVE-2017-9243
TITLE
Aries QWR-1104 Wireless-N Router Cross-Site Scripting Vulnerability
Trust: 1.2
sources:
CNVD: CNVD-2017-11052 //
CNNVD: CNNVD-201705-1381
DESCRIPTION
Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 has XSS on the Wireless Site Survey page, exploitable with the name of an access point. Aries QWR-1104 Wireless-N Router Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. AriesQWR-1104Wireless-NRouter is a home router from AriesNetwork, India. A cross-site scripting vulnerability exists in the WirelessSiteSurvey page of AriesQWR-1104Wireless-NRouter using WRC.253.2.0913 firmware. A remote attacker can exploit this vulnerability to inject arbitrary web scripts or HTML
Trust: 2.25
sources:
NVD: CVE-2017-9243 //
JVNDB: JVNDB-2017-004528 //
CNVD: CNVD-2017-11052 //
VULHUB: VHN-117446
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2017-11052
AFFECTED PRODUCTS
| vendor: | aries | model: | qwr-1104 wireless-n router | scope: | eq | version: | wrc.253.2.0913 | Trust: 2.4 |
| vendor: | aries | model: | network qwr-1104 wireless-n router wrc.253.2.0913 | scope: | - | version: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2017-11052 //
JVNDB: JVNDB-2017-004528 //
CNNVD: CNNVD-201705-1381 //
NVD: CVE-2017-9243
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2017-11052 //
VULHUB: VHN-117446 //
JVNDB: JVNDB-2017-004528 //
CNNVD: CNNVD-201705-1381 //
NVD: CVE-2017-9243
PROBLEMTYPE DATA
| problemtype: | CWE-79 | Trust: 1.9 |
sources:
VULHUB: VHN-117446 //
JVNDB: JVNDB-2017-004528 //
NVD: CVE-2017-9243
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201705-1381
TYPE
XSS
Trust: 0.6
sources:
CNNVD: CNNVD-201705-1381
CONFIGURATIONS
sources:
JVNDB: JVNDB-2017-004528
PATCH
| title: | Top Page | url: | http://www.ariesnetworks.net/ | Trust: 0.8 |
sources:
JVNDB: JVNDB-2017-004528
EXTERNAL IDS
| db: | NVD | id: | CVE-2017-9243 | Trust: 3.1 |
| db: | EXPLOIT-DB | id: | 42075 | Trust: 2.3 |
| db: | JVNDB | id: | JVNDB-2017-004528 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201705-1381 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2017-11052 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-117446 | Trust: 0.1 |
sources:
CNVD: CNVD-2017-11052 //
VULHUB: VHN-117446 //
JVNDB: JVNDB-2017-004528 //
CNNVD: CNNVD-201705-1381 //
NVD: CVE-2017-9243
REFERENCES
| url: | http://touhidshaikh.com/blog/poc/qwr-1104-wireless-n-router-xss/ | Trust: 3.1 |
| url: | https://www.exploit-db.com/exploits/42075/ | Trust: 2.3 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9243 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2017-9243 | Trust: 0.8 |
sources:
CNVD: CNVD-2017-11052 //
VULHUB: VHN-117446 //
JVNDB: JVNDB-2017-004528 //
CNNVD: CNNVD-201705-1381 //
NVD: CVE-2017-9243
SOURCES
| db: | CNVD | id: | CNVD-2017-11052 |
| db: | VULHUB | id: | VHN-117446 |
| db: | JVNDB | id: | JVNDB-2017-004528 |
| db: | CNNVD | id: | CNNVD-201705-1381 |
| db: | NVD | id: | CVE-2017-9243 |
LAST UPDATE DATE
2025-04-20T23:23:45.647000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2017-11052 | date: | 2017-06-23T00:00:00 |
| db: | VULHUB | id: | VHN-117446 | date: | 2017-06-08T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-004528 | date: | 2017-06-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201705-1381 | date: | 2017-06-01T00:00:00 |
| db: | NVD | id: | CVE-2017-9243 | date: | 2025-04-20T01:37:25.860 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2017-11052 | date: | 2017-06-23T00:00:00 |
| db: | VULHUB | id: | VHN-117446 | date: | 2017-05-28T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-004528 | date: | 2017-06-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201705-1381 | date: | 2017-05-28T00:00:00 |
| db: | NVD | id: | CVE-2017-9243 | date: | 2017-05-28T18:29:00.200 |