CVE-2024-57237

Published: Feb 3, 2025

Modified: Mar 3, 2025

PUBLISHED

Description

Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to Cross Site Scripting (XSS) in the /reqproc/proc_get endpoint. The vulnerability arises because the cmd parameter does not properly sanitize input and the response is served with a Content-Type of text/html. This behavior allows the browser to execute injected JavaScript code.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://prolink2u.com/products/dl-7203e-b

https://harryha.substack.com/p/4g-lte-mobile-wifi-dl7203e-xss-cve-2024-57237

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-57237

Description

Affected Products

References