CVE-2024-28728

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Published Nov 12, 2024

Updated: Nov 13, 2024

CWE ID 79

Summary

CVE-2024-28728 is a Cross-Site Scripting (XSS) vulnerability affecting D-Link DWR 2000M 5G CPE With Wifi 6 Ax1800 and DWR-5G CPE DWR-2000M_1.34ME devices. An attacker in a local network can exploit this flaw by injecting a malicious payload into the WiFi SSID Name field. Successful exploitation may result in the attacker gaining access to sensitive information. Users are advised to apply the recommended security patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uzXT9H
https://www.cve.org/CVERecord?id=CVE-2024-28728
https://nvd.nist.gov/vuln/detail/CVE-2024-28728

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2024-28728

CVSS 3.1 Score 6.6 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations