CVE-2023-30405

Name of the Vulnerable Software and Affected Versions Aigital Wireless-N Repeater Mini Router version 0.131229

Description A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wl ssid parameter at "/boafrm/formHomeWlanSetup". This enables attackers to potentially manipulate the web interface of the affected device.

Recommendations For Aigital Wireless-N Repeater Mini Router version 0.131229, as a temporary workaround, consider restricting access to the "/boafrm/formHomeWlanSetup" endpoint to minimize the risk of exploitation. Avoid using the wl ssid parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.