Skip to main content

TR7 WAF-ASP CVE-2026-4770

| EUVDEUVD-2026-41369 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-07-02 TR-CERT GHSA-w8ww-7f32-x6g5
4.6
CVSS 3.1 · Vendor: TR-CERT
Share

Severity by source

Vendor (TR-CERT) PRIMARY
4.6 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
vuln.today AI
4.6 MEDIUM

Authenticated (PR:L) DOM-XSS requiring victim browser interaction (UI:R); network-reachable management UI; low and symmetrical C/I impact; no availability or scope change.

3.1 AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (TR-CERT).

CVSS VectorVendor: TR-CERT

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jul 02, 2026 - 13:15 vuln.today

DescriptionCVE.org

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in TR7 Cyber ​​Defense Inc. Web Application Firewall allows DOM-Based XSS.

This issue affects Web Application Firewall: from v1.0.42.239 before v1.4.0.117.

AnalysisAI

DOM-Based cross-site scripting in TR7 Cyber Defense Inc.'s WAF-ASP product allows an authenticated low-privilege attacker to inject malicious JavaScript that executes in the browser of any user who interacts with a crafted page within the WAF's web interface. Affected versions span v1.0.42.239 through versions prior to v1.4.0.117. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Obtain low-privilege WAF-ASP credentials
Delivery
Identify DOM-writable input vector in management interface
Exploit
Craft malicious URL or payload exploiting DOM sink
Install
Deliver crafted link to privileged victim user
C2
Victim loads page in authenticated browser session
Execute
DOM executes attacker JavaScript
Impact
Harvest session token or alter WAF configuration

Vulnerability AssessmentAI

Exploitation Exploitation requires an attacker to hold authenticated low-privilege access to the TR7 WAF-ASP web management interface (PR:L per CVSS vector), meaning valid credentials are a hard prerequisite. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N) scores 4.6 (Medium), and this assessment aligns with the realistic risk profile. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained low-privilege credentials for the TR7 WAF-ASP web interface crafts a URL or page input containing a malicious JavaScript payload exploiting a DOM sink in the management UI. The attacker then social-engineers a higher-privileged administrator into clicking the link or navigating to the crafted page; the victim's browser executes the attacker's script in the context of the WAF management session, potentially enabling session token theft or unauthorized configuration changes within the WAF.
Remediation Upgrade TR7 WAF-ASP to version v1.4.0.117 or later, which is the confirmed fix version per the CVE description. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-4770 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy