CVE-2014-1405

Conceptronic C54APM Firmware 1.26 - Open Redirect via submit-url or wlan-url Parameter

Title source: llm
STIX 2.1

Description

Multiple open redirect vulnerabilities on the Conceptronic C54APM access point with runtime code 1.26 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the submit-url parameter in a Refresh action to goform/formWlSiteSurvey or (2) the wlan-url parameter to goform/formWlanSetup.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/101916
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/101917

Scores

EPSS 0.0117
EPSS Percentile 63.6%

Details

CWE
CWE-20
Status published
Products (2)
conceptronic/c54apm v2
conceptronic/c54apm_firmware 1.26
Published Jan 10, 2014
Tracked Since Feb 18, 2026