CVE-2024-3576

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published May 6, 2024

Updated: May 7, 2024

CWE ID 79

Summary

CVE-2024-3576 is a web server Cross-Site Scripting (XSS) vulnerability affecting the NPort 5100A Series firmware versions v1.6 and prior. This issue arises due to the firmware's failure to adequately sanitize user-controllable input, enabling attackers to inject malicious scripts into web pagesviewed by other users. Successful exploitation can result in the theft of sensitive information or privilege escalation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v-fN9B
https://www.cve.org/CVERecord?id=CVE-2024-3576
https://nvd.nist.gov/vuln/detail/CVE-2024-3576

Back to Vulnerability Database

CVE-2024-3576

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations