CVE-2014-4871 Information

Description

Cross-site scripting (XSS) vulnerability in wlsecurity.html on NetCommWireless NB604N routers with firmware before GAN5.CZ56T-B-NC.AU-R4B030.EN allows remote attackers to inject arbitrary web script or HTML via the wlWpaPsk parameter.

Reference

http://www.kb.cert.org/vuls/id/941108 http://www.securityfocus.com/bid/70253