CVE-2022-45028 Information

Description

A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.

Reference

https://drive.google.com/file/d/1AHqvciVNMQpUoomFgtctnByewkkr24kB/view https://seanpesce.blogspot.com/2022/11/unauthenticated-stored-xss-in-arris.html