CVE-2018-10609

Name of the Vulnerable Software and Affected Versions Martem TELEM GW6 and GWM devices with firmware prior to 2018.04.18-linux 4-01-601cb47

Description The issue allows for improper sanitization of data over a Websocket, potentially leading to cross-site scripting and client-side code execution with the privileges of the target user.

Recommendations For Martem TELEM GW6 and GWM devices with firmware prior to 2018.04.18-linux 4-01-601cb47, update the firmware to a version later than 2018.04.18-linux 4-01-601cb47 to resolve the issue. As a temporary workaround, consider restricting access to the Websocket to minimize the risk of exploitation.