Description
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parameter to /cgi-bin/proxyuser.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
Published: 2026-04-02
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored XSS
Action: Patch ASAP
AI Analysis

Impact

The vulnerability allows an authenticated user to submit arbitrary JavaScript through the user parameter of /cgi-bin/proxyuser.cgi. Because the input is stored and later rendered without proper sanitization, the script executes in the browsers of any other visitor to the page, enabling session hijacking, defacement, or hidden redirects. This stored XSS weakness is classified under CWE-79.

Affected Systems

Endian Firewall products are affected, including versions 2.1.2, all 2.4 releases, version 3.3.25, and the community edition. Any deployment that has not been upgraded to a version where the flaw is fixed remains vulnerable.

Risk and Exploitability

The flaw carries a CVSS score of 5.1, indicating medium severity, and an EPSS score below 1%, suggesting a low probability of exploitation in the wild. It is not listed in the CISA known exploited vulnerabilities catalog. Exploitation requires authenticated credentials, limiting the attack surface to privileged users or compromised accounts. Nonetheless, because the injected script runs in clients' browsers, the potential for credential theft, session hijacking, and other client-side abuse warrants prompt remediation.

Generated by OpenCVE AI on April 6, 2026 at 20:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Confirm the exact Endian Firewall version in use to determine whether it falls within the affected releases.
  • Apply the latest available Endian Firewall update that contains the stored XSS fix as soon as possible.
  • If an immediate update cannot be performed, restrict or block access to /cgi-bin/proxyuser.cgi for all users except trusted administrators or neutralize the user parameter from untrusted requests.
  • Continuously monitor web application logs for attempts to inject malicious scripts and review user activity for signs of exploitation.
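As an added example (not part of the OpenCVE record or of Endian's code), the Python below does two of the things the actions above ask for: it reviews access-log lines for requests to /cgi-bin/proxyuser.cgi whose user parameter carries markup, and it shows the HTML-escaping step that neutralizes the stored value when it is rendered. The combined log format, the field names and the sample lines are assumptions constructed for the example; only the endpoint and parameter name come from the record.

```python
import html
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint and parameter named in the CVE description above.
ENDPOINT = "/cgi-bin/proxyuser.cgi"
PARAM = "user"
# Markup that has no place in a proxy username: tags, event handlers, js: URLs.
SUSPICIOUS = re.compile(r"<\s*/?\s*\w|\bon\w+\s*=|javascript\s*:", re.IGNORECASE)

# Combined-log-format lines, constructed for this example (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - admin [06/Apr/2026:10:00:01 +0000] "POST /cgi-bin/proxyuser.cgi?user=alice&action=add HTTP/1.1" 200 512
10.0.0.7 - admin [06/Apr/2026:10:02:13 +0000] "GET /cgi-bin/proxyuser.cgi?user=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640
10.0.0.9 - admin [06/Apr/2026:10:03:44 +0000] "GET /cgi-bin/proxyuser.cgi?user=%22%20onmouseover%3Dalert(1)%20x%3D%22 HTTP/1.1" 200 640
10.0.0.5 - admin [06/Apr/2026:10:05:00 +0000] "GET /cgi-bin/index.cgi HTTP/1.1" 200 1024
"""
REQ = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "(\S+) (\S+) [^"]*"')

def suspicious_requests(log_text):
    """Return (client_ip, auth_user, timestamp, decoded_value) for every request
    to the affected endpoint whose 'user' value looks like HTML or script."""
    hits = []
    for line in log_text.splitlines():
        m = REQ.match(line)
        if not m:
            continue
        ip, auth_user, ts, _method, target = m.groups()
        parts = urlsplit(target)
        if parts.path != ENDPOINT:
            continue
        for value in parse_qs(parts.query).get(PARAM, []):
            decoded = unquote(value)  # parse_qs decoded once; catch double encoding
            if SUSPICIOUS.search(decoded):
                hits.append((ip, auth_user, ts, decoded))
    return hits

def render_user_cell(stored_value):
    """The missing output-encoding step: escape the stored value (quotes too)
    before it is interpolated into the page's HTML."""
    return "<td>%s</td>" % html.escape(stored_value, quote=True)

if __name__ == "__main__":
    for ip, auth_user, ts, value in suspicious_requests(SAMPLE_LOG):
        print(f"{ts} {ip} ({auth_user}) {PARAM}={value!r}")
```

Access logs only carry query-string values, so parameters sent in a POST body to the same endpoint are not visible this way; inspecting bodies needs a reverse proxy or WAF in front of the appliance.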


Advisories

No advisories yet.

History

Mon, 06 Apr 2026 16:45:00 +0000

Type                 Values Removed   Values Added
First Time appeared  -                Endian firewall Community
CPEs                 -                cpe:2.3:a:endian:firewall_community:*:*:*:*:*:*:*:*
Vendors & Products   -                Endian firewall Community

Thu, 02 Apr 2026 20:30:00 +0000

Type     Values Removed   Values Added
Metrics  -                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Apr 2026 15:15:00 +0000

Type                 Values Removed   Values Added
Description          -                Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parameter to /cgi-bin/proxyuser.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
Title                -                Endian Firewall /cgi-bin/proxyuser.cgi user Stored Cross-Site Scripting
First Time appeared  -                Endian; Endian firewall
Weaknesses           -                CWE-79
CPEs                 -                cpe:2.3:a:endian:firewall:2.1.2:*:*:*:*:*:*:*
                                      cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*
                                      cpe:2.3:a:endian:firewall:3.3.25:*:*:*:*:*:*:*
Vendors & Products   -                Endian; Endian firewall
References           -
Metrics              -                cvssV3_1: {'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}
                                      cvssV4_0: {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-02T15:26:38.529Z

Reserved: 2026-03-30T20:26:18.725Z

Link: CVE-2026-34813

Vulnrichment

Updated: 2026-04-02T15:26:34.849Z

NVD

Status: Analyzed

Published: 2026-04-02T15:16:49.347

Modified: 2026-04-06T16:14:20.287

Link: CVE-2026-34813

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-07T07:56:15Z

Weaknesses