Vulnerabilities > Vonage > VDV 23 Firmware

DATE CVE VULNERABILITY TITLE RISK
2017-11-20 CVE-2017-16902 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vonage Vdv-23 Firmware 3.2.110.9.40
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/login causes the router to reboot.
network
low complexity
vonage CWE-119
7.5
7.5
2017-11-16 CVE-2017-16843 Cross-site Scripting vulnerability in Vonage Vdv-23 Firmware 3.2.110.9.40
Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic.
network
low complexity
vonage CWE-79
5.4
5.4