Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
8DescriptionCVE.org
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Cross-site scripting (XSS) vulnerability in BIVOCOM TR321 version 21.1.1.50 allows authenticated remote attackers with high privileges to inject malicious scripts via manipulation of the Network Name SSID parameter in the Wireless Setting component. The vulnerability requires user interaction to trigger and has limited integrity impact. Exploit code has been publicly published, though the vendor has not responded to disclosure attempts.
Technical ContextAI
The vulnerability exists in the Wireless Setting component of BIVOCOM TR321, a networking device firmware. The flaw is rooted in improper input validation or output encoding of the Network Name SSID parameter (CWE-79: Improper Neutralization of Input During Web Page Generation). When an attacker with high privilege credentials manipulates the SSID field, unsanitized user input is reflected in web responses without proper encoding, allowing arbitrary JavaScript execution in the context of authenticated administrators' browsers. This is a reflected XSS vulnerability affecting the device's web-based management interface.
RemediationAI
No vendor-released patch has been identified at time of analysis, and BIVOCOM has not responded to disclosure. Primary remediation options are: (1) Upgrade to a patched firmware version if available from BIVOCOM directly (verify with the vendor); (2) Restrict network access to the TR321 web management interface to trusted internal networks only, blocking external administrative access via firewall rules or network segmentation; (3) Enforce strong, unique passwords for all administrative accounts and implement multi-factor authentication if supported by the device firmware; (4) Disable remote administrative access if not operationally required, limiting management to local console or internal network access only; (5) Implement web application firewalls (WAF) or reverse proxies that sanitize SSID parameters in wireless configuration requests; (6) Monitor firmware release channels for security updates and apply them promptly once available. The trade-off of restricting remote access is reduced operational convenience for distributed administration but significantly lowers the attack surface. Given the vendor's non-responsiveness, organizations should escalate this through their support channels or consider alternative equipment vendors.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25673