CVE-2020-37148

LOW

P5 FNIP-8x16A/FNIP-4xSH <1.0.20, 1.0.11 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37148. PoCs published by LiquidWorm.

AI-analyzed exploit summary The exploit demonstrates a CSRF vulnerability in P5 FNIP-8x16A/FNIP-4xSH 1.0.20/1.0.11, allowing an attacker to add an admin user or change the admin password via crafted HTTP POST requests. It also includes an XSS payload to execute arbitrary JavaScript in the context of the affected site.

Description

P5 FNIP-8x16A/FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from a stored cross-site scripting vulnerability. Input passed to several GET/POST parameters is not properly sanitized before being returned to the user, allowing attackers to execute arbitrary HTML and script code in a user's browser session in the context of the affected site. This can be exploited by submitting crafted input to the label modification functionality, such as the 'lab4' parameter in config.html.

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappshardware

https://www.exploit-db.com/exploits/48362

View Code ZIP pw:eip

The exploit demonstrates a CSRF vulnerability in P5 FNIP-8x16A/FNIP-4xSH 1.0.20/1.0.11, allowing an attacker to add an admin user or change the admin password via crafted HTTP POST requests. It also includes an XSS payload to execute arbitrary JavaScript in the context of the affected site.

Classification

Working Poc 95%

Attack Type

Xss | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: P5 FNIP-8x16A/FNIP-4xSH 1.0.20, 1.0.11

No auth needed

Prerequisites: Victim must visit a malicious webpage while authenticated to the target device

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6

Core References

Third Party Advisory technical-description exploit

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5564.php

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/48362

Exploit, Third Party Advisory exploit

https://packetstormsecurity.com/files/156170/P5-FNIP-8x16A-FNIP-4xSH-1.0.20-CSRF-XSS.html

Third Party Advisory, VDB Entry third-party-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/176993

Various Sources product

https://www.p5.hu/

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/p-fnip-xafnip-xsh-stored-cross-site-scripting-xss

Scores

CVSS v3 3.5

EPSS 0.0025

EPSS Percentile 16.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (4)

P5/FNIP-4xSH 1.0.11

P5/FNIP-4xSH 1.0.20

P5/FNIP-8x16A 1.0.11

P5/FNIP-8x16A 1.0.20

Published Feb 05, 2026

Tracked Since Feb 18, 2026