VYPR
Low severity 2.4 · NVD Advisory · Published Sep 11, 2024 · Updated Apr 15, 2026

CVE-2024-8693

Description

A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipulation of the argument -h with the input leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An authenticated stored XSS in Kaon CG3000 routers allows attacker-injected script execution via the dhcpcd command's -h argument.

Vulnerability Analysis

A stored cross-site scripting (XSS) vulnerability exists in Kaon CG3000 routers (firmware version 1.01.43) used by Claro in Brazil. The root cause is that the router's operating system fails to sanitize hostname data received via DHCP. The flaw is triggered through the dhcpcd command handler: by manipulating the -h argument with a payload like ``, an attacker can inject arbitrary JavaScript into the router's management interface [1].

Exploitation

To exploit the vulnerability, an attacker must be able to send crafted DHCP requests containing a malicious hostname. The injected script is stored and executed the next time an authenticated administrator logs into the router's web interface, specifically on the first page displayed after authentication. This means the attack requires prior network access (e.g., connecting to the router's LAN or Wi-Fi) but no additional user interaction beyond the administrator's normal login [1].

Impact

Successful exploitation allows an attacker to execute arbitrary JavaScript in the context of the router's administrative session. This could be used to steal session cookies, modify router settings, or perform actions as the authenticated admin, potentially leading to further compromise of the network or devices connected to the router [1].

Mitigation

As of publication, the vendor was contacted but did not respond, and no patch or official advisory has been released [1]. Because the router model may be end-of-life, users are advised to monitor for unauthorized DHCP clients, restrict administrative access to trusted networks, and consider upgrading to a supported device if available.
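The root cause described above (a DHCP-supplied hostname rendered unsanitized in the admin interface) and the monitoring advice can both be illustrated in a few lines. This is an added example, not code from the advisory or from the router's firmware; the tab-separated lease format, the function names and the sample data are assumptions constructed for illustration.

```python
import html
import re

# RFC 1123 label: letters, digits, hyphens; no leading/trailing hyphen; 1-63 chars.
# Strict on purpose: some real devices send underscores and will be flagged too.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def is_valid_hostname(name: str) -> bool:
    """Return True if name is a syntactically valid hostname (RFC 1123)."""
    if not name or len(name) > 253:
        return False
    labels = name.rstrip(".").split(".")
    return all(_LABEL.fullmatch(label) for label in labels)

def render_client_row(mac: str, ip: str, hostname: str) -> str:
    """Build one row of a DHCP client table, HTML-escaping every
    client-controlled field so markup in a hostname is shown as text."""
    cells = (html.escape(value, quote=True) for value in (mac, ip, hostname))
    return "<tr>" + "".join(f"<td>{cell}</td>" for cell in cells) + "</tr>"

def suspicious_leases(lease_lines):
    """Return [(mac, hostname)] for leases whose hostname is not a valid
    hostname. Assumed (hypothetical) line format: mac<TAB>ip<TAB>hostname."""
    flagged = []
    for line in lease_lines:
        parts = line.rstrip("\n").split("\t", 2)
        if len(parts) != 3:
            continue  # skip malformed lines rather than guessing fields
        mac, _ip, hostname = parts
        if not is_valid_hostname(hostname):
            flagged.append((mac, hostname))
    return flagged

# Constructed sample leases; the second hostname carries harmless markup.
SAMPLE_LEASES = [
    "aa:bb:cc:00:00:01\t192.168.0.10\tlaptop-01",
    "aa:bb:cc:00:00:02\t192.168.0.11\t<i>printer</i>",
    "aa:bb:cc:00:00:03\t192.168.0.12\tnas.home.lan",
]

if __name__ == "__main__":
    for mac, name in suspicious_leases(SAMPLE_LEASES):
        print(f"non-hostname value from {mac}: {name!r}")
    print(render_client_row("aa:bb:cc:00:00:02", "192.168.0.11", "<i>printer</i>"))
```

Output encoding at render time is the fix for the XSS itself; the hostname check is a second layer that also gives an operator something to alert on.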

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products (2)

Patches (0)

No patches discovered yet.

References (3)