CVE-2024-31972

Name of the Vulnerable Software and Affected Versions EnGenius ESR580 A8J-EMR5000 devices (affected versions not specified)

Description The issue allows a remote attacker to conduct stored XSS attacks, potentially leading to arbitrary JavaScript code execution under the context of the user's session. This is achieved via the Wi-Fi SSID input fields. Web scripts embedded into the vulnerable fields are executed immediately when a user logs into the admin page, specifically affecting the "admin/wifi/wlan1" and "admin/wifi/wlan guest" API endpoints.

Recommendations As a temporary workaround, consider restricting access to the /admin/wifi/wlan1 and /admin/wifi/wlan guest API endpoints until a patch is available. Avoid using the Wi-Fi SSID input fields in the admin page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.