CVE-2026-34801 | Endian Firewall 3.3.25 Parameter fixed_leases remark cross site scripting

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability was found in Endian Firewall 3.3.25 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /manage/dhcp/fixed_leases/ of the component Parameter Handler. Executing a manipulation of the argument remark can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-34801. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-34801 | Endian Firewall 3.3.25 Parameter fixed_leases remark cross site scripting

Post correlati

CVE-2024-51122 | Zertificon Z1 SecureMail Z1 CertServer 3.16.4-2516-debian12 ST/L/O/OU/CN cross site scripting

CVE-2023-49278 | Umbraco CMS up to 8.18.9/10.8.0/12.3.3 information disclosure (GHSA-7×74-h8cw-qhxq)

CVE-2024-21207 | Oracle MySQL Server up to 8.0.38/8.4.1/9.0.1 InnoDB denial of service

CVE-2024-27488 | ZLMediaKit up to 8.0 HTTP API Interface secret hard-coded password