Cross Site Scripting Vulnerability in Datacom DM4100 by Datacom
CVE-2026-7000

4.8MEDIUM

Key Information:

Vendor: Datacom
Status: Dm4100
Vendor: CVE Published:; 25 April 2026

What is CVE-2026-7000?

A security vulnerability exists in the Datacom DM4100, specifically within the VLAN Page component. This weakness allows for Cross Site Scripting (XSS) attacks, where an attacker can manipulate the 'VLAN Name' argument to inject malicious scripts. As a result, the attack can be executed remotely, exposing users to potential data breaches and unauthorized actions. Despite early notifications regarding the exploit, the vendor has yet to respond.