CVE-2024-32334Cross-site Scripting in N300rt Firmware

CWE-79Cross-site Scripting3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 69.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Totolink N300rt Firmware
Timeline
PublishedApr 18

Description

TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:LExploitability: 2.3 | Impact: 3.7

Affected Packages1 packages

NVDtotolink/n300rt_firmware2.1.8-b20201030.1539

🔴Vulnerability Details

2
CVEList
CVE-2024-32334: TOTOLINK N300RT V22024-04-18
GHSA
GHSA-m37q-xj87-cf4v: TOTOLINK N300RT V22024-04-18
CVE-2024-32334 — Cross-site Scripting | cvebase