Cross Site Scripting Vulnerability in BDCOM P3310D by BDCOM
CVE-2026-6997

4.8MEDIUM

Key Information:

Vendor: Bdcom
Status: P3310d
Vendor: CVE Published:; 25 April 2026

What is CVE-2026-6997?

A security vulnerability exists within the BDCOM P3310D, specifically linked to the New RMON History Page component. This vulnerability arises from improper handling of the 'Owner' argument, allowing potential attackers to manipulate data and execute cross site scripting attacks. Given that remote exploitation is feasible, this vulnerability poses a significant risk to affected systems. As of now, there has been no acknowledgment from BDCOM regarding this issue, following early notifications about the security exposure.

Affected Version(s)

P3310D 0.4.2 10.1.0F Build 86345

References

https://vuldb.com/vuln/359556

vdb-entrytechnical-description

https://vuldb.com/vuln/359556/cti

signaturepermissions-required

https://vuldb.com/submit/797248

third-party-advisory

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2026
Vulnerability Reserved
Apr 24, 2026

Credit

Havook (VulDB User)

VulDB CNA Team

CVE-2026-6997 Data

JSON

Bdcom

What is CVE-2026-6997?

Affected Version(s)

References

CVSS V4

Timeline

Credit