CVE-2017-9931
Green Packet DX-350 firmware v2.8.9.5-g1.4.8-atheeb contains a cross-site scripting (XSS) vulnerability. The flaw is triggered by the action parameter to ajax.cgi, enabling injection of arbitrary web script or HTML in the affected device.