CVE-2024-38380

MEDIUM

Millbeckcommunications ProRoute H685T-W Firmware - Reflected XSS

Title source: llm
STIX 2.1

Description

This vulnerability occurs when user-supplied input is improperly sanitized and then reflected back to the user's browser, allowing an attacker to execute arbitrary JavaScript in the context of the victim's browser session.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-24-261-02

Scores

CVSS v3 5.5
EPSS 0.0040
EPSS Percentile 32.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
millbeckcommunications/proroute_h685t-w_firmware 3.2.334
Published Sep 17, 2024
Tracked Since Feb 18, 2026