Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter.
Cross Site Scripting (XSS) in Digisol DG-HR3400 Router
CVE-2020-35262: Stored XSS in Digisol DG-HR3400 Router
Vulnerability Description
It has been identified that the vulnerable endpoint doesn't have server side input validation and lacks client side filtering for any malicious script injection An attacker can use this vulnerability to inject malicious script in the endpoint and the script is activated every time a user open