Security Advisories
Vulnerabilities identified by Horizon during security assessments and research activities
Vulnerabilities identified by Horizon during security assessments and research activities
Horizon Security identified multiple Cross-Site Scripting (Stored) vulnerabilities in the management web interface exposed by some DrayTek router models. These vulnerabilities can allow an unauthenticated attacker, able to reach the home page of the interface, to inject and store malicious JavaScript code via vulnerable CGI scripts.
Thursday, 2 March 2023
Horizon Security Staff