exploitDog

GHSA-vgr2-xrrq-jr2p

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp.

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp.

Ссылки

EPSS

Процентиль: 40%

0.00186

Низкий

CVE ID

Связанные уязвимости

CVE-2019-14918

CVSS3: 5.4

nvd

около 6 лет назад

XSS in the DHCP lease-status table in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an attacker to inject arbitrary HTML/JavaScript code to achieve client-side code execution via crafted DHCP request packets to etc_ro/web/internet/dhcpcliinfo.asp.

EPSS

Процентиль: 40%

0.00186

Низкий

CVE ID