CVE-2026-6997

LOW

BDCOM P3310D New RMON History cross site scripting

Title source: cna

Description

A security vulnerability has been detected in BDCOM P3310D 0.4.2 10.1.0F Build 86345. This impacts an unknown function of the component New RMON History Page. The manipulation of the argument Owner leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (3)

[Vdb Entry, Technical Description] https://vuldb.com/vuln/359556

[Signature, Permissions Required] https://vuldb.com/vuln/359556/cti

[Third Party Advisory] https://vuldb.com/submit/797248

Scores

CVSS v3 2.4

EPSS 0.0001

EPSS Percentile 1.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-79 CWE-94

Status published

Products (1)

BDCOM/P3310D 0.4.2 10.1.0F Build 86345

Published Apr 25, 2026

Tracked Since Apr 26, 2026