14 matches found
CVE-2024-28090
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyndns.asp...
CVE-2024-28091
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User Defined Service in managedservicesadd.asp the victim must click an X for a deletion...
CVE-2024-31973
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the 'Network Name SSID' input fields to the /index.htmlwirelessbasic page...
CVE-2024-31973
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the 'Network Name SSID' input fields to the /index.htmlwirelessbasic page...
CVE-2024-31973
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the 'Network Name SSID' input fields to the /index.htmlwirelessbasic page...
CVE-2024-31973
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via the 'Network Name SSID' input fields to the /index.htmlwirelessbasic page...
CVE-2024-28090
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyndns.asp...
CVE-2024-28090
The CVE-2024-28090 issue affects Technicolor TC8715D devices (TC8715D-01.EF.04.38.00-180405-S-FF9-D) where a remote attacker in Wi‑Fi proximity can exploit a stored XSS in the dyn_dns.asp page via the User name field. Reported by multiple sources (NVD/NVD-derived descriptions, CNVD, Red Hat, CNVD...
CVE-2024-28091
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User Defined Service in managedservicesadd.asp the victim must click an X for a deletion...
CVE-2024-28090
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyndns.asp...
CVE-2024-28092
UBEE DDW365 XCNDDW365 8.14.3105 software on hardware 3.13.1 allows a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via RgFirewallEL.asp, RgDdns.asp, RgTime.asp, RgDiagnostics.asp, or RgParentalBasic.asp. The affected fields are SMTP Server Name, SMTP Username, Host Name, Ti...
CVE-2024-28089
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity who has access to the router admin panel to conduct a DOM-based stored XSS attack that can fetch remote resources. The payload is executed at index.htmladvancedlocation aka the Device Location page...
Design/Logic Flaw
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity who has access to the router admin panel to conduct a DOM-based stored XSS attack that can fetch remote resources. The payload is executed at index.htmladvancedlocation aka the Device Location page...
CVE-2024-28089
Hitron CODA-4582 2AHKM-CODA4589 7.2.4.5.1b8 devices allow a remote attacker within Wi-Fi proximity who has access to the router admin panel to conduct a DOM-based stored XSS attack that can fetch remote resources. The payload is executed at index.htmladvancedlocation aka the Device Location page...