Details of VAR-202108-2563

ID

VAR-202108-2563

TITLE

Storage XSS vulnerability exists in the smart gateway configuration platform of Beijing Link Technology Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2021-54068

DESCRIPTION

Beijing Link Technology Co., Ltd. is a company that has professional Wi-Fi technology and is committed to combining Internet technology with traditional industries to help industry customers embrace the Internet and create new value for traditional industries. The smart gateway configuration platform of Beijing Link Technology Co., Ltd. has a stored XSS vulnerability. Attackers can use this vulnerability to obtain sensitive information such as user cookies.

Trust: 0.6

sources: CNVD: CNVD-2021-54068

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-54068

AFFECTED PRODUCTS

vendor:

link

model:

smart gateway configuration platform

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-54068

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-54068
value:	LOW
Trust: 0.6

CNVD:	CNVD-2021-54068
severity:	LOW
baseScore:	3.6
vectorString:	AV:N/AC:H/AU:S/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-54068

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-54068

Trust: 0.6

sources: CNVD: CNVD-2021-54068

SOURCES

db:

CNVD

id:

CNVD-2021-54068

LAST UPDATE DATE

2022-05-04T09:55:10.264000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-54068

date:

2021-07-23T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-54068

date:

2021-08-29T00:00:00