CVE-2024-51187
MEDIUMTrendnet Tew-651br Firmware - XSS
Title source: ruleDescription
TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b01, and TEW-652BRU 1.00b12 devices contain a Store Cross-site scripting (XSS) vulnerability via the firewallRule_Name_1.1.1.0.0 parameter on the /firewall_setting.htm page.
Scores
CVSS v3
4.8
EPSS
0.0008
EPSS Percentile
24.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (3)
trendnet/tew-651br_firmware
trendnet/tew-652brp_firmware
trendnet/tew-652bru_firmware
Timeline
Published
Nov 11, 2024
Tracked Since
Feb 18, 2026