CVE-2023-24050

Name of the Vulnerable Software and Affected Versions Connectize AC21000 G6 version 641.139.1.1256

Description The issue is related to a Cross Site Scripting (XSS) vulnerability that allows attackers to run arbitrary code via a crafted string when setting the Wi-Fi password in the admin panel. This can be exploited by a remote attacker to change the Wi-Fi password. The vulnerability is associated with the lack of protection of the web page structure.

Recommendations For Connectize AC21000 G6 version 641.139.1.1256, as a temporary workaround, consider restricting access to the admin panel until a patch is available. Avoid using the admin panel to set the Wi-Fi password until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.