| عنوان | INTELBRAS RF 301K 1.1.5 Cross Site Scripting |
|---|
| الوصف | A Cross-site Scripting (XSS) vulnerability was found in the application and management of the INTELBRAS RF 301K router.
To carry out this attack, it is necessary to be authenticated in the system.
To carry out the attack, it is necessary to access the "Advanced Configuration" menu and then the "Static IP" submenu. In the "Add" function, there is an input field for entering the description to be added to the Static IP Address. The affected field is "Description". In this field, it is possible to inject a Cross-Site Scripting script.
Script: <img src="" onerror="prompt(8)">
|
|---|
| المصدر | ⚠️ http://x.x.x.x:8888/index.html |
|---|
| المستخدم | Havook (UID 71104) |
|---|
| ارسال | 15/02/2025 10:35 PM (1 سنة منذ) |
|---|
| الاعتدال | 20/05/2025 02:53 PM (3 months later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 309647 [Intelbras RF 301K 1.1.5 Add Static IP الوصف البرمجة عبر المواقع] |
|---|
| النقاط | 17 |
|---|