Known Vulnerabilities for products from Endian

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Endian".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-34823 json Not Provided 2026-04-02 2026-04-02
CVE-2026-34822 json Not Provided 2026-04-02 2026-04-02
CVE-2026-34821 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/vpnauthe... Not Provided 2026-04-02 2026-04-07
CVE-2026-34820 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/ipsec/. ... Not Provided 2026-04-02 2026-04-07
CVE-2026-34819 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the REMARK parameter to /cgi-bin/openvpn... Not Provided 2026-04-02 2026-04-07
CVE-2026-34818 json Not Provided 2026-04-02 2026-04-02
CVE-2026-34817 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the ADDRESS BCC parameter to /cgi-bin/sm... Not Provided 2026-04-02 2026-04-06
CVE-2026-34816 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the domain parameter to /manage/smtpscan... Not Provided 2026-04-02 2026-04-06
CVE-2026-34815 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the DOMAIN parameter to /cgi-bin/smtpdom... Not Provided 2026-04-02 2026-04-06
CVE-2026-34814 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the group parameter to /cgi-bin/proxygro... Not Provided 2026-04-02 2026-04-06
CVE-2026-34813 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parameter to /cgi-bin/proxyuser... Not Provided 2026-04-02 2026-04-06
CVE-2026-34812 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the mimetypes parameter to /cgi-bin/prox... Not Provided 2026-04-02 2026-04-06
CVE-2026-34811 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/xtacces... Not Provided 2026-04-02 2026-04-07
CVE-2026-34810 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/vpnfw.c... Not Provided 2026-04-02 2026-04-07
CVE-2026-34809 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/zonefw.... Not Provided 2026-04-02 2026-04-07
CVE-2026-34808 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/outgoin... Not Provided 2026-04-02 2026-04-07
CVE-2026-34807 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/incomin... Not Provided 2026-04-02 2026-04-07
CVE-2026-34806 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/snat.cg... Not Provided 2026-04-02 2026-04-07
CVE-2026-34805 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /cgi-bin/dnat.cg... Not Provided 2026-04-02 2026-04-07
CVE-2026-34804 json Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parameter to /manage/qos/rules/... Not Provided 2026-04-02 2026-04-07
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Endian

Type Vendor Product Version
ApplicationEndianFirewall2.1.2
ApplicationEndianFirewall Community3.3.2