CVE-2018-20372
CVE-2018-20372 affects TP-Link TD-W8961ND devices, where an XSS flaw can be triggered via the hostname of a DHCP client in the router’s web interface. The root cause is a cross-site scripting flaw in the handling/display of DHCP client hostnames, allowing injected payloads to execute in the devic...