2 matches found
CVE-2019-12513
In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious...
CVE-2019-12513
The CVE-2019-12513 issue affects NETGEAR Nighthawk X10-R900 (firmware prior to 1.0.4.24). A malicious DHCP Discover containing a crafted hostname can trigger a stored XSS: the device logs the hostname in an Administration Logs entry, which attackers can view to execute the payload. Vulnerability ...