Description
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the new_cert_name parameter to /manage/ca/certificate/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.
Published: 2026-04-02
Score: 5.1 Medium
EPSS: n/a
KEV: No
Impact: Stored Cross-Site Scripting that allows arbitrary script execution
Action: Immediate Patch
AI Analysis

Impact

Stored cross-site scripting is possible via the new_cert_name parameter in the /manage/ca/certificate/ page of Endian Firewall. An attacker who is authenticated to the firewall can submit malicious JavaScript that is saved by the system and later executed in any visitor's browser that accesses the page. This can lead to theft of session cookies, navigation to malicious sites, or execution of additional scripts without user knowledge.
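As an added illustration of the defensive pattern behind this class of flaw (this is not code from Endian Firewall and not the vendor's fix, which the record says is not yet available), the following Python sketch validates a certificate name on input and HTML-encodes it on output. The handler, the allow-list pattern, the unsafe rendering shown for contrast, and the sample inputs are assumptions constructed for the example; the only identifier taken from the page is the new_cert_name parameter name.

```python
import html
import re

# Allow-list for a certificate name. This pattern is an assumption made for
# the example: the record does not document Endian Firewall's own rules.
# One leading alphanumeric, then up to 63 of [A-Za-z0-9._-].
CERT_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")


def validate_cert_name(name: str) -> bool:
    """Input-side check: reject anything outside the conservative allow-list."""
    return bool(CERT_NAME_RE.fullmatch(name))


def render_cert_row_unsafe(name: str) -> str:
    """Rendering without output encoding: a stored name is parsed as markup.

    Shown only as the 'before' form of the fix below; never use this.
    """
    return f"<td>{name}</td>"


def render_cert_row(name: str) -> str:
    """Output-side defence: encode the stored value for an HTML text context.

    html.escape(quote=True) turns <, >, &, " and ' into entities, so whatever
    was stored is displayed literally instead of being interpreted by the
    browser. This protects even names that reached the store before input
    validation existed.
    """
    return f"<td>{html.escape(name, quote=True)}</td>"


def handle_new_cert(form: dict, store: list) -> tuple:
    """Hypothetical request handler for the certificate page.

    Returns (status, body). Only names passing the allow-list are stored, and
    the stored name is encoded when rendered back to any user.
    """
    name = form.get("new_cert_name", "")
    if not validate_cert_name(name):
        return 400, "invalid certificate name"
    store.append(name)
    return 200, render_cert_row(name)


if __name__ == "__main__":
    store = []
    # Constructed sample inputs: one benign name, one containing markup.
    print(handle_new_cert({"new_cert_name": "vpn-gateway-01"}, store))
    print(handle_new_cert({"new_cert_name": "<script>alert(1)</script>"}, store))
    # Contrast the two renderers on a value that bypassed validation somehow.
    print(render_cert_row_unsafe("<script>alert(1)</script>"))
    print(render_cert_row("<script>alert(1)</script>"))
```

The two layers are deliberately independent. Tightening input validation in a new release stops new hostile names from being stored, but it does nothing for names already saved under a vulnerable version; output encoding at every place the name is displayed is what neutralises those, so an upgrade should be followed by a review of existing certificate entries.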

Affected Systems

Systems running Endian Firewall version 3.3.25 or earlier are affected, including releases 2.1.2, 2.4, and 3.3.25. The vulnerability exists in the web interface that allows creation of new certificates through the new_cert_name field. Any installation that has not been updated beyond these versions is at risk.

Risk and Exploitability

The CVSS score of 5.1 indicates a moderate severity. Although the EPSS score is unavailable and the vulnerability is not listed in the CISA KEV catalog, the flaw requires only an authenticated user session and can be exploited by anyone with access to the certificate management page. Successful exploitation could compromise the confidentiality and integrity of the web session for other users, enabling actions such as session hijacking or content injection.

Generated by OpenCVE AI on April 2, 2026 at 16:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a supported Endian Firewall version newer than 3.3.25
  • If upgrading is not feasible, limit user permissions so only trusted administrators can access the /manage/ca/certificate/ page

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

(no values removed in this change)

Type: Metrics
Values added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Apr 2026 15:15:00 +0000

(no values removed in this change)

Type: Description
Values added: Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the new_cert_name parameter to /manage/ca/certificate/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.

Type: Title
Values added: Endian Firewall /manage/ca/certificate/ new_cert_name Stored Cross-Site Scripting

Type: First Time appeared
Values added: Endian; Endian firewall

Type: Weaknesses
Values added: CWE-79

Type: CPEs
Values added:
  cpe:2.3:a:endian:firewall:2.1.2:*:*:*:*:*:*:*
  cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*
  cpe:2.3:a:endian:firewall:3.3.25:*:*:*:*:*:*:*

Type: Vendors & Products
Values added: Endian; Endian firewall

Type: References
Values added: (none shown)

Type: Metrics
Values added:
  cvssV3_1 {'score': 6.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}
  cvssV4_0 {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-02T15:35:46.537Z

Reserved: 2026-03-30T20:26:18.726Z

Link: CVE-2026-34822

Vulnrichment

Updated: 2026-04-02T15:35:13.888Z

NVD

Status: Received

Published: 2026-04-02T15:16:51.370

Modified: 2026-04-02T15:16:51.370

Link: CVE-2026-34822

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-02T20:20:22Z

Weaknesses