Vulnerabilities > GL Inet > GL Ar150 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-12-07 CVE-2021-44148 Cross-site Scripting vulnerability in Gl-Inet Gl-Ar150 Firmware
GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allow cgi-bin/router_cgi?action=scanwifi XSS when an attacker creates an SSID with an XSS payload as the name.
network
low complexity
gl-inet CWE-79
6.1