Stored Cross-Site Scripting Vulnerability in Vonage HT802 Devices
CVE-2017-16564
5.4MEDIUM
What is CVE-2017-16564?
A stored cross-site scripting vulnerability exists on Vonage (Grandstream) HT802 devices. This security flaw allows remote authenticated users to inject arbitrary web scripts or HTML via the DHCP vendor class ID field, potentially compromising the integrity of the device and enabling the execution of malicious code.