CVE-2024-53563

Name of the Vulnerable Software and Affected Versions Arcadyan Meteor 2 CPE FG360 Firmware version ETV2.10

Description A stored cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. This enables the execution of malicious scripts on the device.

Recommendations For Arcadyan Meteor 2 CPE FG360 Firmware version ETV2.10, consider disabling the web interface or restricting access to it until a patch is available. Avoid using the device's web interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.