10 matches found
CVE-2022-38814
A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...
EUVD-2022-41374
Malicious code in bioql PyPI...
CVE-2022-38814
A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...
CVE-2022-38814
A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...
CVE-2022-38814
A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...
CVE-2022-38814
FiberHome AN5506-02-B (model vRP2521) contains a stored XSS vulnerability in the auth_settings component. An attacker can inject HTML/script via the sncfg_loid text field to execute arbitrary scripts in the user’s browser. Documented across multiple feeds (NVD/Red Hat/CVE records and PT Security)...
PT-2022-24581 · Fiberhome · Fiberhome An5506-02-B
Name of the Vulnerable Software and Affected Versions: FiberHome AN5506-02-B version vRP2521 Description: A stored cross-site scripting XSS issue in the auth settings component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfg loid text field...
FiberHome AN5506-02-B 跨站脚本漏洞
The FiberHome AN5506-02-B is an FTTH GPON ONU from FiberHome, China. A security vulnerability exists in FiberHome AN5506-02-B vRP2521, which stems from a stored cross-site scripting XSS vulnerability in the authsettings component. An attacker could exploit this vulnerability to execute arbitrary...
Fiberhome AN5506-02-B Cross Site Scripting
Exploit Title: FiberHome - AN5506-02-B - RP2521 - Authenticated Stored XSS Date: 10/08/2022 Exploit Author: Leonardo Goncalves Version: Firmware RP2521 1 Log in the equipment via your web browser 2 Go to Network authsettings 3 In the "sncfgloid" inject the payload "alert" 4 Click Save 5 Exploit!...