{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T20:24:21.937","vulnerabilities":[{"cve":{"id":"CVE-2018-0679","sourceIdentifier":"vultures@jpcert.or.jp","published":"2018-11-15T15:29:00.287","lastModified":"2024-11-21T03:38:43.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting vulnerability in multiple FXC Inc. network devices (Managed Ethernet switch FXC5210/5218/5224 firmware prior to version Ver1.00.22, Managed Ethernet switch FXC5426F firmware prior to version Ver1.00.06, Managed Ethernet switch FXC5428 firmware prior to version Ver1.00.07, Power over Ethernet (PoE) switch FXC5210PE/5218PE/5224PE firmware prior to version Ver1.00.14, and Wireless LAN router AE1021/AE1021PE firmware all versions) allows attacker with administrator rights to inject arbitrary web script or HTML via the administrative page."},{"lang":"es","value":"Vulnerabilidad Cross-Site Scripting (XSS) en múltiples dispositivos de red de FXC Inc. (Managed Ethernet switch FXC5210/5218/5224 con firmware en versiones anteriores a la Ver1.00.22, Managed Ethernet switch FXC5426F con firmware en versiones anteriores a la Ver1.00.06, Managed Ethernet switch FXC5428 con firmware en versiones anteriores a la Ver1.00.07, Power over Ethernet (PoE) switch FXC5210PE/5218PE/5224PE con firmware en versiones anteriores a la Ver1.00.14 y Wireless LAN router AE1021/AE1021PE con firmware en todas las versiones) permite que un atacante con derechos de administrador inyecte scripts web o HTML arbitrarios mediante la página administrativa."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5210_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.22","matchCriteriaId":"72B8C77B-756B-4DBF-8642-9CEFA3E64FAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5210:-:*:*:*:*:*:*:*","matchCriteriaId":"8C380189-64D0-4E67-A7BB-AAB484497E49"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5218_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.22","matchCriteriaId":"A6BF9D0B-4A8E-4748-8F11-BA13560F4D16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5218:-:*:*:*:*:*:*:*","matchCriteriaId":"22202750-42B2-49C4-913A-109E2B4A9ED2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5224_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.22","matchCriteriaId":"C14B632E-AFB3-4768-B55D-AC174A0C2EB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5224:-:*:*:*:*:*:*:*","matchCriteriaId":"17C40735-948D-49FF-BEC1-8EC5840E75D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5426f_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.06","matchCriteriaId":"B8063D2B-DD96-4624-85DC-3A5707C94203"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5426f:-:*:*:*:*:*:*:*","matchCriteriaId":"FD2A9AE2-29E8-4662-881A-A4F9C83CF15D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5428_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.07","matchCriteriaId":"9845D815-58C3-4138-8F75-36B559774F47"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5428:-:*:*:*:*:*:*:*","matchCriteriaId":"CEB46925-3B3D-4980-8E32-B86E978BD13C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5210pe_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.14","matchCriteriaId":"FFF6CC07-DBEF-48C8-9369-731FDED0835B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5210pe:-:*:*:*:*:*:*:*","matchCriteriaId":"D6B7A903-7058-473F-B027-EC9408651BE9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5218pe_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.14","matchCriteriaId":"EEB412D1-5C4D-4800-8C05-42AE9AE4495B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5218pe:-:*:*:*:*:*:*:*","matchCriteriaId":"C568C89C-9A39-45EE-9345-2EB406AFF932"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:fxc5224pe_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.00.14","matchCriteriaId":"66703C10-C292-438A-ADCF-6966DAF1002A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:fxc5224pe:-:*:*:*:*:*:*:*","matchCriteriaId":"B8077073-5A74-4512-86B1-1EB37E4C7928"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:ae1021_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"693C65D1-F2F8-4DC7-AA47-F9A0323AA118"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:ae1021:-:*:*:*:*:*:*:*","matchCriteriaId":"03B391D9-2AF4-4889-BFA3-52C11B4390C5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fxc:ae1021pe_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"BC6562B5-862B-490D-8B2A-D0250CF5C63A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fxc:ae1021pe:-:*:*:*:*:*:*:*","matchCriteriaId":"BB758E1E-0CF5-4CA6-9A08-2B33BF296D67"}]}]}],"references":[{"url":"http://jvn.jp/en/jp/JVN68528150/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://www.fxc.jp/news/20171228.html","source":"vultures@jpcert.or.jp","tags":["Mitigation","Vendor Advisory"]},{"url":"http://jvn.jp/en/jp/JVN68528150/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.fxc.jp/news/20171228.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]}]}}]}