Описание
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-26064
- https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html
- https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html
- https://seclists.org/fulldisclosure/2025/Jul/14
- http://seclists.org/fulldisclosure/2025/Jul/14
- http://seclists.org/fulldisclosure/2025/Jul/26
Связанные уязвимости
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.
Уязвимость веб-интерфейса управления микропрограммного обеспечения маршрутизаторов Intelbras RX 1500 и RX 3000, позволяющая нарушителю проводить межсайтовые сценарные атаки