CVE-2024-31971 Information

Description

Multiple stored cross-site scripting (XSS) vulnerabilities on AdTran NetVanta 3120 18.01.01.00.E devices allow remote attackers to inject arbitrary JavaScript as demonstrated by /mainPassword.html /processIdentity.html /public.html /dhcp.html /private.html /hostname.html /connectivity.html /NetworkMonitor.html /trafficMonitoringConfig.html and /wizardMain.html.

Reference

https://github.com/actuator/cve/blob/main/AdTran/NetVanta-3120-XSS https://github.com/actuator/cve/blob/main/AdTran/CVE-2024-31971