CVE-2024-32326

2024-04-1800:00:00

mitre

www.cve.org

totolink

ex200

v4.0.3c.7646_b20201211

xss vulnerability

setwifiextenderconfig function

cross-site scripting

6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function.

References

github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/EX200/XSS_key/README.md

www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/144.html