Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:56 a.m.5 views

CVE-2022-38814

A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...

5.4CVSS5.1AI score0.02501EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-41374

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.02501EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/09/15 8:15 p.m.2 views

CVE-2022-38814

A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...

5.4CVSS5.9AI score0.02501EPSS
Exploits1References2
NVD
NVD
added 2022/09/15 8:15 p.m.15 views

CVE-2022-38814

A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...

5.4CVSS0.02501EPSS
Exploits1References1
Prion
Prion
added 2022/09/15 8:15 p.m.20 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...

4.9CVSS5.2AI score0.02501EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/09/15 7:34 p.m.22 views

CVE-2022-38814

A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...

5.4AI score0.02501EPSS
Exploits1References1
CVE
CVE
added 2022/09/15 7:34 p.m.65 views

CVE-2022-38814

FiberHome AN5506-02-B (model vRP2521) contains a stored XSS vulnerability in the auth_settings component. An attacker can inject HTML/script via the sncfg_loid text field to execute arbitrary scripts in the user’s browser. Documented across multiple feeds (NVD/Red Hat/CVE records and PT Security)...

5.4CVSS5.2AI score0.02501EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/15 12:0 a.m.4 views

PT-2022-24581 · Fiberhome · Fiberhome An5506-02-B

Name of the Vulnerable Software and Affected Versions: FiberHome AN5506-02-B version vRP2521 Description: A stored cross-site scripting XSS issue in the auth settings component allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfg loid text field...

5.4CVSS5.5AI score0.02501EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/09/15 12:0 a.m.7 views

FiberHome AN5506-02-B 跨站脚本漏洞

The FiberHome AN5506-02-B is an FTTH GPON ONU from FiberHome, China. A security vulnerability exists in FiberHome AN5506-02-B vRP2521, which stems from a stored cross-site scripting XSS vulnerability in the authsettings component. An attacker could exploit this vulnerability to execute arbitrary...

5.4CVSS5.8AI score0.02501EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2022/08/11 12:0 a.m.366 views

Fiberhome AN5506-02-B Cross Site Scripting

Exploit Title: FiberHome - AN5506-02-B - RP2521 - Authenticated Stored XSS Date: 10/08/2022 Exploit Author: Leonardo Goncalves Version: Firmware RP2521 1 Log in the equipment via your web browser 2 Go to Network authsettings 3 In the "sncfgloid" inject the payload "alert" 4 Click Save 5 Exploit!...

Exploits0
Rows per page
Query Builder