ChinaMobile PLC Wireless Router Vulnerability [CVE-2018-20326]

January 2, 2019 Duncan 2756 Views 0 Comments ChinaMobile PLC, CVE-2018-20326, XSS 0 min read

CVE Number – CVE-2018-20326

ChinaMobile PLC Wireless Router’s are vulnerable to a Reflected Cross Site Scripting (XSS).With this attack, the threat actor can steal cookies, session id, username or other sensitive information redirect an innocent victim to a malicious website, thus compromising the user.

Version: GPN2.4P21-C-CN (Firmware: W2001EN-00)

Further details – https://0dayfindings.home.blog/2018/12/26/plc-wireless-router-gpn2-4p21-c-cn-reflected-xss/ and https://packetstormsecurity.com/files/150918/PLC-Wireless-Router-GPN2.4P21-C-CN-Cross-Site-Scripting.html

Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

ChinaMobile PLC Wireless Router Vulnerability [CVE-2018-20326]

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply

Share this:

Like this:

Related Posts

Duncan

Leave a ReplyCancel reply