Vulnerabilities > Grandstream > Ht802 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-11-06 CVE-2017-16564 Cross-site Scripting vulnerability in Grandstream Ht802 Firmware
Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on Vonage (Grandstream) HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field (P148).
network
low complexity
grandstream CWE-79
5.4