CVE-2018-20373 — Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client. | CVE Daily

Medium CVSS 5.4

Overview

Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client.

CWE: CWE-79 Published: 2018-12-23T02:29:00.547

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.4 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Recommended tools

Tags