Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in multiple scripts in Forms/ in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 allow remote attackers to inject arbitrary web script or HTML via the (1) BackButton parameter to error_1; (2) wzConnFlag parameter to fresh_pppoe_1; (3) diag_pppindex_argen and (4) DiagStartFlag parameters to rpDiag_argen_1; (5) wzdmz_active and (6) wzdmzHostIP parameters to rpNATdmz_argen_1; (7) wzVIRTUALSVR_endPort, (8) wzVIRTUALSVR_endPortLocal, (9) wzVIRTUALSVR_IndexFlag, (10) wzVIRTUALSVR_localIP, (11) wzVIRTUALSVR_startPort, and (12) wzVIRTUALSVR_startPortLocal parameters to rpNATvirsvr_argen_1; (13) Connect_DialFlag, (14) Connect_DialHidden, and (15) Connect_Flag parameters to rpStatus_argen_1; (16) Telephone_select, and (17) wzFirstFlag parameters to rpwizard_1; and (18) wzConnectFlag parameter to rpwizPppoe_1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
华为MT882l路由器多个跨站脚本攻击漏洞
Vulnerability Description
华为MT882l是一款小型的ADSL调制解调器。 MT882l猫的Forms/中的多个脚本没有正确地过滤用户所提交的参数请求,远程攻击者可以通过向error_1、fresh_pppoe_1、rpDiag_argen_1、rpNATdmz_argen_1、rpNATvirsvr_argen_1、rpStatus_argen_1、rpwizard_1、rpwizPppoe_1等页面传送多个特制参数执行跨站脚本攻击;
CVSS Information
N/A
Vulnerability Type
N/A