CVE-2024-32332

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.2%
top 60.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Totolink N300rt Firmware
Timeline
PublishedApr 18

Description

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

NVDtotolink/n300rt_firmware2.1.8-b20201030.1539

🔴Vulnerability Details

2
GHSA
GHSA-6qpm-68vc-gfr6: TOTOLINK N300RT V22024-04-18
CVEList
CVE-2024-32332: TOTOLINK N300RT V22024-04-18
CVE-2024-32332 (MEDIUM CVSS 6.1) | TOTOLINK N300RT V2.1.8-B20201030.15 | cvebase.io