Nk

**Name of the Vulnerable Software and Affected Versions** Arcadyan Meteor 2 CPE FG360 Firmware version ETV2.10 **Description** A stored cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. This enables the execution of malicious scripts on the device. **Recommendations** For Arcadyan Meteor 2 CPE FG360 Firmware version ETV2.10, consider disabling the web interface or restricting access to it until a patch is available. Avoid using the device's web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME Dlink DWR 5G CPE version DWR-2000M 1.34ME **Description** An issue in the affected devices allows a local attacker to execute arbitrary code via a crafted payload to the Diagnostics function. This enables the attacker to potentially gain control over the device. **Recommendations** For DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME, consider disabling the Diagnostics function until a patch is available. For Dlink DWR 5G CPE version DWR-2000M 1.34ME, consider disabling the Diagnostics function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME Dlink DWR 5G CPE version DWR-2000M 1.34ME **Description** The issue allows a local attacker to obtain sensitive information via a crafted payload to the `WiFi SSID Name` field. This is a Cross Site Scripting vulnerability. **Recommendations** For DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME, avoid using crafted payloads in the WiFi SSID Name field until a fix is available. For Dlink DWR 5G CPE version DWR-2000M 1.34ME, restrict access to the WiFi SSID Name field to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME Dlink DWR 5G CPE version DWR-2000M 1.34ME **Description** The issue allows a local attacker to execute arbitrary code via a crafted request. **Recommendations** For DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version DWR-2000M 1.34ME, at the moment, there is no information about a newer version that contains a fix for this issue. For Dlink DWR 5G CPE version DWR-2000M 1.34ME, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version 1.34ME Dlink DWR 5G CPE DWR-2000M version 1.34ME **Description** The issue allows a local attacker to obtain sensitive information via the Port forwarding option. This is related to a Cross Site Request Forgery vulnerability. **Recommendations** For DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 version 1.34ME, consider disabling the Port forwarding option until a patch is available. For Dlink DWR 5G CPE DWR-2000M version 1.34ME, consider disabling the Port forwarding option until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.