CVE-2017-16564
Affected : Vonage (Grandstream) HT802 home gateway devices. Vulnerability : Stored Cross-Site Scripting (XSS) in /cgi-bin/config2, exploitable via the DHCP vendor class ID field (P148). Impact : remote authenticated users can inject arbitrary web script/HTML (per CVE-2017-16564). Root cause : XSS...