Trendnet · Trendnet Tv-Ip110Wn · CVE-2021-31655
**Name of the Vulnerable Software and Affected Versions**
TRENDnet TV-IP110WN versions 1.2.2.64 through 1.2.2.68
**Description**
The issue is related to a Cross Site Scripting (XSS) vulnerability. It occurs via the `profile` parameter in a GET request in `view.cgi`. This allows for potential malicious script execution.
**Recommendations**
For versions 1.2.2.64 through 1.2.2.68, consider disabling the `view.cgi` script or restricting access to it until a patch is available. Avoid using the `profile` parameter in the affected GET request endpoint until the issue is resolved.