| Título | INTELBRAS RF 301K 1.1.5 Cross Site Scripting |
|---|
| Descripción | A Cross-site Scripting (XSS) vulnerability was found in the application and management of the INTELBRAS RF 301K router.
To carry out this attack, it is necessary to be authenticated in the system.
To carry out the attack, it is necessary to access the "Advanced Configuration" menu and then the "Static IP" submenu. In the "Add" function, there is an input field for entering the description to be added to the Static IP Address. The affected field is "Description". In this field, it is possible to inject a Cross-Site Scripting script.
Script: <img src="" onerror="prompt(8)">
|
|---|
| Fuente | ⚠️ http://x.x.x.x:8888/index.html |
|---|
| Usuario | Havook (UID 71104) |
|---|
| Sumisión | 2025-02-15 22:35 (hace 1 Año) |
|---|
| Moderación | 2025-05-20 14:53 (3 months later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 309647 [Intelbras RF 301K 1.1.5 Add Static IP Descripción secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 17 |
|---|