XSS Vulnerability in TRENDnet TEW-651BR, TEW-652BRP, and TEW-652BRU Devices
CVE-2024-51189

Currently unrated

Key Information:

Vendor

TRENDnet

Status
TRENDnet TEW-651BR, TEW-652BRP, TEW-652BRU
Vendor
CVE Published:
11 November 2024

What is CVE-2024-51189?

TRENDnet TEW-651BR, TEW-652BRP, and TEW-652BRU devices are vulnerable to a Store Cross-site Scripting (XSS) attack via the macList_Name_1.1.1.0.0 parameter on the /filters.htm page. This flaw allows attackers to inject malicious scripts into the web pages viewed by other users, potentially compromising the confidentiality and integrity of user interactions with the device. Implementing security best practices and updating to the latest firmware versions can mitigate such vulnerabilities.

References

https://www.trendnet.com/products/product-detail?prod=245...
https://www.trendnet.com/products/product-detail?prod=235...
https://www.trendnet.com/products/product-detail?prod=235...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.