Lucene search

MitreVULNRICHMENT:CVE-2024-32335

HistoryApr 18, 2024 - 12:00 a.m.

CVE-2024-32335

2024-04-1800:00:00

mitre

github.com

totolink n300rt

v2.1.8-b20201030.1539

cross-site scripting

access control

wireless page

cve-2024-32335

AI Score

Confidence

High

EPSS

Percentile

9.0%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:totolink:n300rt_firmware:-:*:*:*:*:*:*:*"
    ],
    "vendor": "totolink",
    "product": "n300rt_firmware",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.1.8-B20201030.1539",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

github.com/4hsien/CVE-vulns/blob/main/TOTOLINK/N300RT/XSS_2_Access_Control/README.md

www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/154.html