Zero Day MonitorZDM

← Back to list

6.4

CVE-2026-34801EXPLOITED

endian · endian firewall

Endian Firewall /manage/dhcp/fixed_leases/ remark Stored Cross-Site Scripting

Description

Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark parameter to /manage/dhcp/fixed_leases/. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page.

Affected Products

Vendor	Product	Versions
endian	endian firewall	3.3.25

References

https://help.endian.com/hc/en-us/sections/360004371358-Community(release-notes)
https://www.vulncheck.com/advisories/endian-firewall-manage-dhcp-fixed-leases-remark-stored-cross-site-scripting(third-party-advisory)

Related News (1 articles)

Tier C

VulDB4h ago

CVE-2026-34801 | Endian Firewall 3.3.25 Parameter fixed_leases remark cross site scripting

→ No new info (linked only)

CVSS 3.16.4 NONE

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-79

PublishedApr 2, 2026

Last enriched4h agov2

Trending Score39

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-34814EXP

Endian Firewall /cgi-bin/proxygroup.cgi group Stored Cross-Site Scripting

HIGHCVE-2026-34796EXP

Endian Firewall /cgi-bin/logs_openvpn.cgi DATE Perl Command Injection

HIGHCVE-2026-34790EXP

Endian Firewall /cgi-bin/backup.cgi remove ARCHIVE Directory Traversal

NONECVE-2026-34797EXP

Endian Firewall /cgi-bin/logs_smtp.cgi DATE Perl Command Injection

NONECVE-2026-34791EXP

Endian Firewall /cgi-bin/logs_proxy.cgi DATE Perl Command Injection

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 2, 2026

Discovered by ZDM

Apr 2, 2026

Updated: description, severity, activelyExploited

Apr 2, 2026

Actively Exploited

Apr 2, 2026

Version History

v2

Last enriched 4h ago

v2Tier C4h ago

Updated description with more technical detail, changed severity to HIGH, and noted that the exploit is not available.

descriptionseverityactivelyExploited

via VulDB

v14h ago

Initial creation