Authenticated Stored Cross-Site Scripting Vulnerability Affects TP-Link Router

CVE-2024-4224

Currently unrated 🤨

Key Information

Vendor: TP-Link
Vendor: CVE Published:; 15 July 2024

Summary

An authenticated stored cross-site scripting (XSS) exists in the TP-Link TL-SG1016DE affecting version TL-SG1016DE(UN) V7.6_1.0.0 Build 20230616, which could allow an adversary to run JavaScript in an administrator's browser. This issue was fixed in TL-SG1016DE(UN) V7_1.0.1 Build 20240628.

Timeline

Vulnerability published.
Jul 15, 2024

Collectors

NVD Database