CVE-2024-9792
CVSS 3.1 Score 2.4 of 10 (low)
Details
Summary
CVE-2024-9792 identifies a cross-site scripting vulnerability in the D-Link DSL-2750U R5B017, specifically affecting the Port Forwarding Page component. This vulnerability arises from improper handling of the PortMappingDescription argument, allowing remote attackers to execute scripts on users' browsers under certain conditions. The attack requires high privileges and user interaction, with a low complexity rating. Organizations can mitigate this risk by ensuring proper input validation and sanitization measures are applied to user inputs on affected pages. If exploited, this vulnerability poses a potential risk of information disclosure or user session hijacking within the network environment.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.