4 matches found
CVE-2019-10677
CVE-2019-10677 affects DASAN Zhone ZNID GPON 2426A EU (S3.1.285 and earlier). The flaw is a lack of proper validation/sanitization in the web interface, enabling Cross-Site Scripting via unsanitized GET parameters: /zhndnsdisplay.cmd (name) and /wlsecrefresh.wl (wlWscCfgMethod, wl_wsc_reg). Docum...
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting Vulnerabilities
Exploit for hardware platform in category web applications Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit Titl...
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit...
DASAN Zhone ZNID GPON 2426A EU - Multiple Cross-Site Scripting
Multiple Cross-Site Scripting XSS in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters. Exploit Title: Multiple Cross-Site Scripting XSS in DASAN Zhone ZNID GP...