Exploitation Summary
EIP tracks 1 public exploit for CVE-2022-47052. PoCs published by dest-3.
AI-analyzed exploit summary This repository provides a detailed writeup of CVE-2022-47052, a CRLF injection vulnerability in the Nighthawk R6220 AC1200 Smart Wi-Fi Router. The vulnerability allows unauthenticated remote attackers to perform reflected XSS and HTML injection via crafted URLs, potentially leading to credential theft or administrative actions.
Description
The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1.
Exploits (1)
This repository provides a detailed writeup of CVE-2022-47052, a CRLF injection vulnerability in the Nighthawk R6220 AC1200 Smart Wi-Fi Router. The vulnerability allows unauthenticated remote attackers to perform reflected XSS and HTML injection via crafted URLs, potentially leading to credential theft or administrative actions.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N