← Zuruck zu CVEs
CVE-2026-24348
MEDIUM6.1
Beschreibung
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users.
CVE Details
CVSS v3.1 Bewertung6.1
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht1/27/2026
Zuletzt geandert2/5/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
nimbletech:ezcast_pro_dongle_iinimbletech:ezcast_pro_dongle_ii_firmware
Schwachen (CWE)
CWE-20CWE-79
Referenzen
https://hub.ntc.swiss/ntcf-2025-145332(vulnerability@ncsc.ch)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.