CVE-2021-27403
https://notcve.org/view.php?id=CVE-2021-27403
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS. Los dispositivos Askey versiones RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014, permiten un ataque de tipo XSS de curWebPage del archivo cgi-bin/ te_acceso_router.cgi • https://github.com/bokanrb/CVE-2021-27403 https://github.com/bokanrb/XSS-Askey • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-27404
https://notcve.org/view.php?id=CVE-2021-27404
Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow injection of a Host HTTP header. Los dispositivos Askey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014, permiten una inyección de un encabezado Host HTTP • https://github.com/bokanrb/CVE-2021-27404 https://github.com/bokanrb/HostHeaderInjection-Askey • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •