Unrated severityNVD Advisory· Published Jan 30, 2014· Updated Apr 29, 2026

CVE-2014-1612

Description

Cross-site scripting (XSS) vulnerability in login.esp in the Web Management Interface in Media5 Mediatrix 4402 VoIP Gateway with firmware Dgw 1.1.13.186 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.

Affected products

Media5/Mediatrix Voip Gateway 4402 Firmware
cpe:2.3:a:media5:mediatrix_voip_gateway_4402_firmware:dgw_1.1.13.186:*:*:*:*:*:*:*
Media5/Mediatrix Voip Gateway
cpe:2.3:h:media5:mediatrix_voip_gateway:4402:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/252294nvdUS Government Resource
osvdb.org/102415nvd
packetstormsecurity.com/files/124931/Mediatrix-4402-Cross-Site-Scripting.htmlnvd
secunia.com/advisories/56638nvd
www.securityfocus.com/archive/1/530871/100/0/threadednvd
www.securityfocus.com/bid/65108nvd
exchange.xforce.ibmcloud.com/vulnerabilities/90656nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000