PatchSiren cyber security CVE debrief
CVE-2024-38380 Millbeck Communications CVE debrief
CVE-2024-38380 is a reflected cross-site scripting (XSS) vulnerability in the Millbeck Communications Proroute H685t-w industrial cellular router, affecting firmware version 3.2.334. The vulnerability stems from improper sanitization of user-supplied input that is subsequently reflected back to the browser, enabling attackers to execute arbitrary JavaScript in the victim's browser context. Published by CISA on September 17, 2024, this vulnerability carries a CVSS 3.1 score of 5.5 (Medium severity) with a vector of AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L, indicating network accessibility, low attack complexity, low privileges required, user interaction needed, and impacts to confidentiality, integrity, and availability. The affected product is specifically the Proroute H685t-w router running firmware version 3.2.334. Millbeck Communications has released firmware version 3.2.335 or higher to address this vulnerability. Organizations deploying this industrial router should prioritize firmware updates and implement defense-in-depth strategies including network segmentation, input validation at web application firewalls, and principle of least privilege for administrative access.
- Vendor
- Millbeck Communications
- Product
- Proroute H685t-w
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-09-17
- Original CVE updated
- 2024-09-17
- Advisory published
- 2024-09-17
- Advisory updated
- 2024-09-17
Who should care
Organizations operating Millbeck Communications Proroute H685t-w cellular routers in industrial, utility, or critical infrastructure environments; security teams managing OT/ICS device fleets; network administrators responsible for perimeter router security.
Technical summary
Reflected cross-site scripting vulnerability in Proroute H685t-w router firmware 3.2.334 due to improper input sanitization. Attack vector requires network access and user interaction. Fixed in firmware v3.2.335.
Defensive priority
medium
Recommended defensive actions
- Apply firmware update to version 3.2.335 or higher on all affected Proroute H685t-w routers
- Implement network segmentation to isolate industrial control system devices from untrusted networks
- Deploy web application firewall rules to filter malicious input patterns associated with reflected XSS
- Enforce principle of least privilege for administrative access to router management interfaces
- Monitor for anomalous browser-based activity targeting router management portals
- Review and validate input sanitization implementations in custom applications interacting with the device
Evidence notes
Vulnerability description and remediation guidance sourced from CISA CSAF advisory ICSA-24-261-02. CVSS vector and score confirmed through source references. Affected product version 3.2.334 explicitly identified in CSAF product tree. Vendor patch availability confirmed through remediation section of source advisory.
Official resources
-
CVE-2024-38380 CVE record
CVE.org
-
CVE-2024-38380 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-09-17