← Retour aux CVEs
CVE-2026-24348
MEDIUM6.1
Description
Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users.
Details CVE
Score CVSS v3.16.1
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie1/27/2026
Derniere modification2/5/2026
Sourcenvd
Observations honeypot0
Produits affectes
nimbletech:ezcast_pro_dongle_iinimbletech:ezcast_pro_dongle_ii_firmware
Faiblesses (CWE)
CWE-20CWE-79
References
https://hub.ntc.swiss/ntcf-2025-145332(vulnerability@ncsc.ch)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.