CVE-2023-5789

Name of the Vulnerable Software and Affected Versions Dragon Path 707GR1 up to 20231022

Description A vulnerability has been found in the Ping Diagnostics component of Dragon Path 707GR1. The issue arises from the manipulation of the Host Address argument with a specific input, ><img/src/onerror=alert(1)>, leading to cross-site scripting. This can be exploited remotely. The exploit has been publicly disclosed.

Recommendations For Dragon Path 707GR1 up to 20231022, as a temporary workaround, consider restricting the input for the Host Address argument to prevent cross-site scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.