← back
CVE-2013-5218

CVE-2013-5218

EPSS 3.8%
Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.htmlunverifiedexploitdbwww.exploit-db.com/exploits/29518unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.htmlhttp://www.youtube.com/watch?v=CPlT09ZIj48