Back

CVE-2024-45836

Sept. 26, 2024, 1:32 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

PLANEX COMMUNICATIONS network cameras

Source

vultures@jpcert.or.jp

Tags

CWE-79
vultures@jpcert.or.jp
2024-09-26
CVE-2024-45836

CVE-2024-45836 details

Published : Sept. 26, 2024, 5:15 a.m.
Last Modified : Sept. 26, 2024, 1:32 p.m.

Description

Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the web browser of the user.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

URL Source
https://jvn.jp/en/jp/JVN81966868/ vultures@jpcert.or.jp
This website uses the NVD API, but is not approved or certified by it.