Store Cross-site Scripting Vulnerability in TRENDnet Wireless Routers
CVE-2024-51188

Currently unrated

Key Information:

Vendor

TRENDnet

Status
TEW-651BR, TEW-652BRP, TEW-652BRU
Vendor
CVE Published:
11 November 2024

What is CVE-2024-51188?

TRENDnet's wireless routers, including the TEW-651BR, TEW-652BRP, and TEW-652BRU models, exhibit a Store Cross-site Scripting vulnerability that can be exploited via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page. Attackers can potentially inject malicious scripts, compromising the security of the devices and the data they handle. Users are advised to review their device configurations and apply any available security patches to mitigate potential risks.

References

https://www.trendnet.com/products/product-detail?prod=245...
https://www.trendnet.com/products/product-detail?prod=235...
https://www.trendnet.com/products/product-detail?prod=235...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.