PT-2022-25577 · Tenda · Tenda Ac1200 Router
Olivier Laflamme · Published 2022-11-15 · Updated 2023-01-27
CVE-2022-40846
CVSS v3.1: 4.8 (Medium)
Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Tenda AC1200 Router version 15.11.0.10(1576)
Description
A stored cross-site scripting (XSS) issue exists that allows an attacker to execute JavaScript code via the application's stored hostname. This potentially enables the attacker to manipulate the application's behavior or steal sensitive information.
Recommendations
For Tenda AC1200 Router version 15.11.0.10(1576), consider restricting access to the hostname storage functionality until a patch is available. As a temporary workaround, avoid using the stored hostname feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Affected Products
Tenda Ac1200 Router