CVE-2014-9142 – Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 wit

Cross-site scripting (XSS) vulnerability in Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to inject arbitrary web script or HTML via the failrefer parameter.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9142

Reference (s):

• BUGTRAQ:20141203 Wireless N ADSL 2/2+ Modem Router – DT5130 – Xss / URL Redirect / Command Injection
• URL: http://www.securityfocus.com/archive/1/534143/100/0/threaded
• EXPLOIT-DB:35462
• URL: http://www.exploit-db.com/exploits/35462
• http://packetstormsecurity.com/files/129374/ADSL2-2.05.C29GV-XSS-URL-Redirect-Command-Injection.html