| 제목 | INTELBRAS RF 301K 1.1.5 Cross Site Scripting |
|---|
| 설명 | A Cross-site Scripting (XSS) vulnerability was found in the application and management of the INTELBRAS RF 301K router.
To carry out this attack, it is necessary to be authenticated in the system.
To carry out the attack, it is necessary to access the "Advanced Configuration" menu and then the "Static IP" submenu. In the "Add" function, there is an input field for entering the description to be added to the Static IP Address. The affected field is "Description". In this field, it is possible to inject a Cross-Site Scripting script.
Script: <img src="" onerror="prompt(8)">
|
|---|
| 원천 | ⚠️ http://x.x.x.x:8888/index.html |
|---|
| 사용자 | Havook (UID 71104) |
|---|
| 제출 | 2025. 02. 15. PM 10:35 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 05. 20. PM 02:53 (3 months later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 309647 [Intelbras RF 301K 1.1.5 Add Static IP 설명 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 17 |
|---|