CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-5218

Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with software 2.1.11 allows remote attackers to inject arbitrary web script or HTML via a crafted DHCP Host Name option, which is not properly handled during rendering of the DHCP table in wlanAccess.asp.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.0%

CVSS Severity

CVSS v2 Score 2.9

References

http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html
http://www.youtube.com/watch?v=CPlT09ZIj48
http://packetstormsecurity.com/files/123901/HOTBOX-2.1.11-CSRF-Traversal-Denial-Of-Service.html
http://www.youtube.com/watch?v=CPlT09ZIj48

Products affected by CVE-2013-5218

Hot » Hotbox Router » Version: N/A

cpe:2.3:h:hot:hotbox_router:-
Hot » Hotbox Router Firmware » Version: 2.1.11

cpe:2.3:o:hot:hotbox_router_firmware:2.1.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-5218

Products

Pricing

Contact Us