Lucene search
K

168 matches found

cve
cve
added 2026/04/02 2:45 p.m.7 views

CVE-2026-34801

CVE-2026-34801 : Endian Firewall versions 3.3.25 and earlier are affected by a stored XSS vulnerability in the remark parameter of /manage/dhcp/fixed_leases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page. No exploita...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/04/02 2:45 p.m.23 views

CVE-2026-34799 Endian Firewall /manage/dnsmasq/hosts/ remark Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/hosts/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00168EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/02 2:45 p.m.3 views

CVE-2026-34799 Endian Firewall /manage/dnsmasq/hosts/ remark Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/hosts/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS6AI score0.00168EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/04/02 2:45 p.m.6 views

CVE-2026-34799

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/dnsmasq/hosts/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References3Affected Software1
cve
cve
added 2026/04/02 2:45 p.m.16 views

CVE-2026-34799

Endian Firewall versions 3.3.25 and earlier are affected by a stored XSS in the remark field of /manage/dnsmasq/hosts/. An authenticated attacker can inject JavaScript that is stored and executed when other users view the page, enabling client-side script execution within the web UI context. The ...

6.4CVSS5.9AI score0.00168EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/04/02 2:45 p.m.3 views

CVE-2026-34798

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/routing.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00172EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/04/02 2:45 p.m.24 views

CVE-2026-34798 Endian Firewall /cgi-bin/routing.cgi remark Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/routing.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS0.00172EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/04/02 2:45 p.m.2 views

CVE-2026-34798 Endian Firewall /cgi-bin/routing.cgi remark Stored Cross-Site Scripting

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/routing.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00172EPSS
Exploits0References2
cve
cve
added 2026/04/02 2:45 p.m.8 views

CVE-2026-34798

CVE-2026-34798 affects Endian Firewall,

6.4CVSS5.9AI score0.00172EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/04/02 12:0 a.m.5 views

PT-2026-29771

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/xtaccess.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.6 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/xtaccess.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.8 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/zonefw.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.7 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/dnat.cgi, and can be exploited by an attacker to inject malicious JavaScri...

6.4CVSS5.7AI score0.00168EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/02 12:0 a.m.8 views

PT-2026-29780

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /manage/ipsec/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/02 12:0 a.m.11 views

PT-2026-29767

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/incoming.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00205EPSS
Exploits0References3
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.6 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /cgi-bin/incoming.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00205EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.7 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. Cross-site scripting vulnerability in Endian Firewall remark parameterThe vulnerability stems from improper handling of the remark parameter in /cgi-bin/outgoingfw.cgi, which can be exploited by an attacker to inject malicious...

6.4CVSS5.8AI score0.00138EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.8 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall remark parameter, which stems from improper handling of the remark parameter in /manage/password/web/, and can be exploited by an attacker to inject malicious scri...

6.4CVSS5.7AI score0.00138EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/02 12:0 a.m.10 views

Endian Firewall 跨站脚本漏洞

Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall REMARK parameter, which stems from improper handling of the REMARK parameter in /cgi-bin/openvpnclient.cgi, and can be exploited by an attacker to inject malicious...

6.4CVSS5.7AI score0.00179EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/02 12:0 a.m.5 views

PT-2026-29769

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/zonefw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...

6.4CVSS5.9AI score0.00138EPSS
Exploits0References3
Rows per page
Query Builder