Dm4100
Monthly
Cross-site scripting (XSS) in Datacom DM4100 version 1.3.6.1.4.1.3709 allows authenticated remote attackers to inject malicious scripts via manipulation of the Name parameter in the Ethernet Configuration Page. The vulnerability requires high-privilege administrative access and user interaction to trigger, limiting real-world impact despite public exploit availability. Vendor has not responded to disclosure.
Cross-site scripting (XSS) in Datacom DM4100 version 1.3.6.1.4.1.3709 allows authenticated remote attackers to inject malicious scripts via manipulation of the Name parameter in the Ethernet Configuration Page. The vulnerability requires high-privilege administrative access and user interaction to trigger, limiting real-world impact despite public exploit availability. Vendor has not responded to disclosure.