Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information disclosure vulnerability exists in the web interface session cookie functionality of InHand Networks InRouter302 V3.5.4. The session cookie misses the HttpOnly flag, making it accessible via JavaScript and thus allowing an attacker, able to perform an XSS attack, to steal the session cookie.
CVSS Information
N/A
Vulnerability Type
没有’HttpOnly’标志的敏感Cookie
Vulnerability Title
InHand Networks InRouter302 跨站脚本漏洞
Vulnerability Description
InHand Networks InRouter Series是美国InHand Networks公司的一系列路由器。 InHand Networks InRouter302 3.5.4版本存在安全漏洞,该漏洞源于Web界面会话cookie功能存在信息泄露漏洞。
CVSS Information
N/A
Vulnerability Type
N/A