PT-2022-15874 · Zte · Zte Home Gateway
Published
2022-03-30
·
Updated
2022-04-07
·
CVE-2022-23136
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ZTE home gateway product (affected versions not specified)
Description
The issue is related to a stored XSS vulnerability in the ZTE home gateway product. An attacker can modify the gateway name by inserting special characters, which triggers an XSS attack when the user views the current topology of the device through the management page.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zte Home Gateway