Vulnerabilities > Linksys > Ea6500 Firmware > 1.1.28.147876
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-09-29 | CVE-2013-3066 | Permissions, Privileges, and Access Controls vulnerability in Linksys Ea6500 and Ea6500 Firmware Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/. | 7.1 |
2014-09-29 | CVE-2013-3065 | Cross-Site Scripting vulnerability in Linksys Ea6500 and Ea6500 Firmware Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section. | 3.5 |
2014-09-29 | CVE-2013-3064 | Open Redirection vulnerability in Linksys Ea6500 and Ea6500 Firmware Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter. network linksys | 6.8 |