CVE-2024-9792

CVSS 3.1 Score 2.4 of 10 (low)

Details

Published Oct 10, 2024
Updated: Oct 15, 2024
CWE ID 79

Summary

CVE-2024-9792 identifies a cross-site scripting vulnerability in the D-Link DSL-2750U R5B017, specifically affecting the Port Forwarding Page component. This vulnerability arises from improper handling of the PortMappingDescription argument, allowing remote attackers to execute scripts on users' browsers under certain conditions. The attack requires high privileges and user interaction, with a low complexity rating. Organizations can mitigate this risk by ensuring proper input validation and sanitization measures are applied to user inputs on affected pages. If exploited, this vulnerability poses a potential risk of information disclosure or user session hijacking within the network environment.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share