Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to conduct Open Redirect attacks via the return-url parameter to /goform/formLogout.
Conclusion & alert: CVE-2016-10316 is rated Exploit Available (57.8/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 0.77%). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.16% | 0.77% | +0.61% |
| 2 | 2024-09-17 | 0.13% | 0.16% | +0.03% |
| 3 | 2024-02-08 | — | 0.13% | — |
Full EPSS history (5 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.1 | 3.0 | MEDIUM |
|
2.8 | 2.7 | [email protected] |
| 5.8 | 2.0 | MEDIUM |
|
8.6 | 4.9 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| jensenofscandinavia | al3g_firmware | 2.23m | cpe:2.3:o:jensenofscandinavia:al3g_firmware:2.23m:*:*:*:*:*:*:* |
| jensenofscandinavia | al5000ac_firmware | 1.13 | cpe:2.3:o:jensenofscandinavia:al5000ac_firmware:1.13:*:*:*:*:*:*:* |
| jensenofscandinavia | al59300_firmware | 1.04 | cpe:2.3:o:jensenofscandinavia:al59300_firmware:1.04:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://www.riskbasedsecurity.com/research/RBS-2016-004.pdf | Exploit Technical Description Third Party Advisory |