NVD

Id
30070  
Name
CVE-2014-1405  
Description
Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup.  
Reject
 
CVSS Version
2  
CVSS Score
5.8  
Severity
Medium  
CVSS Base Score
5.8  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-19  
Published
2014-01-10  
Modified Date
2015-08-07  
Seq
2014-1405  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
158296 30070 CVE-2014-1405 http://antoniovazquezblanco.github.io/docs/advisories/Advisory_C54APM_Multiple.pdf  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12158 JVNDB-2014-001033 Conceptronic C54APM アクセスポイントにおけるオープンリダイレクトの脆弱性 Conceptronic C54APM アクセスポイントのランタイムコードには、オープンリダイレクトの脆弱性が存在します。 CVE-2014-1405 68692 CVE-2014-1405 30070 5.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001033.html 2014-01-07 2014-01-15 View