Cross-site Scripting Vulnerability in TRENDnet Wireless Routers
CVE-2024-51187

Currently unrated

Key Information:

Vendor

TRENDnet

Status
TRENDnet Wireless Routers
Vendor
CVE Published:
11 November 2024

What is CVE-2024-51187?

TRENDnet's wireless routers—specifically the TEW-651BR, TEW-652BRP, and TEW-652BRU—expose a Cross-site Scripting (XSS) vulnerability through the firewallRule_Name_1.1.1.0.0 parameter on the firewall_setting.htm page. This vulnerability allows attackers to inject malicious scripts, potentially compromising user data and leading to unauthorized actions within the router interface. Mitigation measures should be implemented to secure affected devices from potential exploitation.

References

https://www.trendnet.com/products/product-detail?prod=245...
https://www.trendnet.com/products/product-detail?prod=235...
https://www.trendnet.com/products/product-detail?prod=235...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.