The web interface of the ‘Nighthawk R6220 AC1200 Smart Wi-Fi Router’ is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1.
CPE | Name | Operator | Version |
---|---|---|---|
ac1200_r6220_firmware | eq | 1.1.112101 | |
ac1200_r6220_firmware | eq | 1.1.114101 |