Vulnerabilities > Actiontec
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-06 | CVE-2018-19922 | Cross-site Scripting vulnerability in Actiontec C1000A Firmware Cac00431.30L.95 Persistent Cross-Site Scripting (XSS) in the advancedsetup_websiteblocking.html Website Blocking page of the Actiontec C1000A router with firmware through CAC004-31.30L.95 allows a remote attacker to inject arbitrary HTML into the Website Blocking page by inserting arbitrary HTML into the 'TodUrlAdd' URL parameter in a /urlfilter.cmd POST request. | 6.1 |
2018-05-14 | CVE-2018-10252 | Session Fixation vulnerability in Actiontec Wcb6200Q Firmware An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. | 8.1 |