Vulnerability Details CVE-2024-51188
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the vsRule_VirtualServerName_1.1.10.0.0 parameter on the /virtual_server.htm page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.9%
CVSS Severity
CVSS v3 Score 4.8
References
- https://github.com/4hsien/CVE-vulns/blob/main/TRENDnet/TEW-652BRP/XSS_Virtual_Server/README.md
- https://www.trendnet.com/products/product-detail?prod=235_TEW-651BR
- https://www.trendnet.com/products/product-detail?prod=235_TEW-652BRP
- https://www.trendnet.com/products/product-detail?prod=245_TEW-652BRU
Products affected by CVE-2024-51188
-
cpe:2.3:h:trendnet:tew-651br:-
-
cpe:2.3:h:trendnet:tew-652brp:-
-
cpe:2.3:h:trendnet:tew-652bru:-
-
cpe:2.3:o:trendnet:tew-651br_firmware:2.04b1
-
cpe:2.3:o:trendnet:tew-652brp_firmware:3.04b01
-
cpe:2.3:o:trendnet:tew-652bru_firmware:1.00b12