CVE-2024-31971

2024-07-2400:00:00

mitre

github.com

stored xss

adtran netvanta 3120

remote injection

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

21.6%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

UNSUPPORTED WHEN ASSIGNED Multiple stored cross-site scripting (XSS) vulnerabilities on AdTran NetVanta 3120 18.01.01.00.E devices allow remote attackers to inject arbitrary JavaScript, as demonstrated by /mainPassword.html, /processIdentity.html, /public.html, /dhcp.html, /private.html, /hostname.html, /connectivity.html, /NetworkMonitor.html, /trafficMonitoringConfig.html, and /wizardMain.html.