| Title | Castlenet Technology DOCSIS 3.0 CBW383G2N_0002.5510mp5.006 Basic Cross Site Scripting |
|---|
| Description | The Cross-Site Scripting (XSS) vulnerability was identified in the management application of the Castlenet Technology DOCSIS 3.0 router. To exploit this vulnerability, it is necessary to access the "Wireless" menu and modify the "SSID" field, which is an input field used to set the wireless network name. The affected field is "SSID", where it is possible to inject a malicious Cross-Site Scripting (XSS) script.
script: <img/src/onerror=prompt(8)> |
|---|
| Source | ⚠️ http://x.x.x.x:8080/wlanPrimaryNetwork.asp |
|---|
| User | Fergod (UID 55882) |
|---|
| Submission | 03/01/2025 02:12 (1 Year ago) |
|---|
| Moderation | 03/11/2025 15:53 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 299284 [Castlenet CBW383G2N up to 20250301 Wireless Menu /wlanPrimaryNetwork.asp SSID cross site scripting] |
|---|
| Points | 17 |
|---|