Endian

Firewall Community

35 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2026-34813

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:06
  • Zuletzt bearbeitet 06.04.2026 16:14:20

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parameter to /cgi-bin/proxyuser.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affecte...

5.4

CVE-2026-34812

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:05
  • Zuletzt bearbeitet 06.04.2026 16:14:33

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the mimetypes parameter to /cgi-bin/proxypolicy.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the ...

5.4

CVE-2026-34811

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:05
  • Zuletzt bearbeitet 07.04.2026 14:22:02

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/xtaccess.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affect...

5.4

CVE-2026-34810

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:04
  • Zuletzt bearbeitet 07.04.2026 14:26:39

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/vpnfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected ...

5.4

CVE-2026-34809

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:02
  • Zuletzt bearbeitet 07.04.2026 14:28:39

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/zonefw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected...

5.4

CVE-2026-34808

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:01
  • Zuletzt bearbeitet 07.04.2026 14:28:55

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/outgoingfw.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affe...

5.4

CVE-2026-34807

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:01
  • Zuletzt bearbeitet 07.04.2026 15:40:10

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/incoming.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affect...

5.4

CVE-2026-34806

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:46:00
  • Zuletzt bearbeitet 07.04.2026 15:40:22

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/snat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected p...

5.4

CVE-2026-34805

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:45:59
  • Zuletzt bearbeitet 07.04.2026 15:40:33

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/dnat.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected p...

5.4

CVE-2026-34804

  • EPSS 0.03%
  • Veröffentlicht 02.04.2026 14:45:57
  • Zuletzt bearbeitet 07.04.2026 15:40:40

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parameter to /manage/qos/rules/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected pa...