Security Advisory

CVE-2024-57237

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-03 00:00:00

Last updated 2025-03-03 17:22:46

Assigner mitre

State PUBLISHED

Description

Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to Cross Site Scripting (XSS) in the /reqproc/proc_get endpoint. The vulnerability arises because the cmd parameter does not properly sanitize input and the response is served with a Content-Type of text/html. This behavior allows the browser to execute injected JavaScript code.

← Browse all CVEs View on cve.org ↗