Skip to main content

Firewall Community EUVDEUVD-2026-18328

| CVE-2026-34823 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-04-02 disclosure@vulncheck.com GHSA-c555-qwvr-3579
5.1
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
P
Scope
X

Lifecycle Timeline

3
EUVD ID Assigned
Apr 02, 2026 - 15:22 euvd
EUVD-2026-18328
Analysis Generated
Apr 02, 2026 - 15:22 vuln.today
CVE Published
Apr 02, 2026 - 15:16 nvd
MEDIUM 5.1

DescriptionCVE.org

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/password/web/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.

AnalysisAI

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in the /manage/password/web/ endpoint. The injected payload is persistently stored and executes when other authenticated users access the affected page, enabling session hijacking, credential theft, or lateral movement within the firewall management interface. No public exploit code or active exploitation has been confirmed at the time of analysis.

Technical ContextAI

The vulnerability is a classic stored XSS flaw (CWE-79) arising from insufficient input validation and output encoding on the remark parameter in Endian Firewall's web management interface. The /manage/password/web/ endpoint fails to properly sanitize user-supplied input before storing it in a backend database, and subsequently fails to encode the stored data when rendering it in HTML responses. This allows an authenticated administrator or lower-privileged user to craft a payload containing JavaScript that persists across sessions and executes in the browser context of any user who views the affected page, bypassing same-origin policy protections through the trust relationship established by prior authentication. The vulnerability affects Endian Firewall Community Edition version 3.3.25 and all prior releases.

RemediationAI

Upgrade Endian Firewall to a version released after 3.3.25 that includes XSS input validation and output encoding fixes. Organizations unable to upgrade immediately should implement the following mitigations: restrict access to the /manage/password/web/ endpoint via network ACLs or firewall rules to trusted administrative networks only; disable web management access if not actively required; ensure strong authentication controls and multi-factor authentication are enforced for administrative accounts; and regularly audit stored remarks and password change logs for suspicious content or unauthorized modifications. Contact Endian support at https://help.endian.com/hc/en-us/sections/360004371358-Community for patched version availability and deployment guidance. No patch version has been independently confirmed at time of analysis; verify vendor advisory for exact fixed version numbers before deployment.

CVE-2021-27201 HIGH POC
8.8 Feb 15

Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell m

CVE-2026-34797 HIGH
8.7 Apr 02

Remote command execution in Endian Firewall Community Edition 3.3.25 and earlier allows authenticated users to inject ar

CVE-2026-34796 HIGH
8.7 Apr 02

Remote code execution in Endian Firewall versions ≤3.3.25 allows authenticated users with low privileges to execute arbi

CVE-2026-34795 HIGH
8.7 Apr 02

Remote code execution in Endian Firewall 3.3.25 and earlier allows authenticated attackers with low-level privileges to

CVE-2026-34794 HIGH
8.7 Apr 02

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated attackers to execute arbitrary OS co

CVE-2026-34793 HIGH
8.7 Apr 02

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated users with low privileges to inject

CVE-2026-34792 HIGH
8.7 Apr 02

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated users with low privileges to inject

CVE-2026-34791 HIGH
8.7 Apr 02

Remote command execution in Endian Firewall Community ≤3.3.25 allows authenticated users to inject OS commands through t

CVE-2026-34790 HIGH
7.1 Apr 02

Directory traversal in Endian Firewall 3.3.25 and earlier allows authenticated users to delete arbitrary files through t

CVE-2026-34821 MEDIUM
5.1 Apr 02

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary

CVE-2026-34820 MEDIUM
5.1 Apr 02

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaS

CVE-2026-34818 MEDIUM
5.1 Apr 02

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious

Share

EUVD-2026-18328 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy