Description
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the REMARK parameter to /cgi-bin/openvpnclient.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
Published: 2026-04-02
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored Cross‑Site Scripting
Action: Apply Patch
AI Analysis

Impact

The vulnerability is a stored XSS in the REMARK parameter of /cgi-bin/openvpnclient.cgi in Endian Firewall versions 3.3.25 and earlier. An authenticated user can submit arbitrary JavaScript that is stored in the system and executed when other users view the affected page. The injected code runs in the victim’s browser context.

Affected Systems

Affected deployments include Endian Firewall 2.1.2, 2.4, 3.3.25, and community editions. These versions are identified in the provided CPE data.

Risk and Exploitability

The CVSS base score of 5.1 indicates moderate severity. EPSS score is below 1%, implying low probability of widespread exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Attackers must first obtain authenticated access to the system to inject the payload; once stored, the script is delivered to any user who visits the openvpn client page, creating potential for widespread impact within a compromised environment.

Generated by OpenCVE AI on April 7, 2026 at 20:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Endian Firewall patch that addresses the /cgi-bin/openvpnclient.cgi XSS issue
  • If no patch is available, limit or disable the /cgi-bin/openvpnclient.cgi endpoint or restrict access to the REMARK parameter
  • Remove or sanitize existing REMARK entries that may contain malicious scripts
  • Monitor web application logs for XSS attempts

Generated by OpenCVE AI on April 7, 2026 at 20:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Endian firewall Community
CPEs cpe:2.3:a:endian:firewall_community:*:*:*:*:*:*:*:*
Vendors & Products Endian firewall Community

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 02 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Description Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the REMARK parameter to /cgi-bin/openvpnclient.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
Title Endian Firewall /cgi-bin/openvpnclient.cgi REMARK Stored Cross-Site Scripting
First Time appeared Endian
Endian firewall
Weaknesses CWE-79
CPEs cpe:2.3:a:endian:firewall:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*
cpe:2.3:a:endian:firewall:3.3.25:*:*:*:*:*:*:*
Vendors & Products Endian
Endian firewall
References
Metrics cvssV3_1

{'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}

Subscriptions

Endian Firewall Firewall Community
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-02T15:27:40.560Z

Reserved: 2026-03-30T20:26:18.726Z

Link: CVE-2026-34819

cve-icon Vulnrichment

Updated: 2026-04-02T15:27:35.774Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-02T15:16:50.750

Modified: 2026-04-07T14:20:20.590

Link: CVE-2026-34819

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:55:49Z

Weaknesses