A command injection vulnerability in the Millbeck Communications Proroute H685t-w industrial cellular router allows authenticated attackers to execute arbitrary operating system commands. The vulnerability, published by CISA on September 17, 2024, carries a CVSS 3.1 score of 8.8 (High severity) with network attack vector, low attack complexity, and low privileges required. The affected product is specific [truncated]
MEDIUMMillbeck CommunicationsCVE published 2024-09-17
CVE-2024-38380 is a reflected cross-site scripting (XSS) vulnerability in the Millbeck Communications Proroute H685t-w industrial cellular router, affecting firmware version 3.2.334. The vulnerability stems from improper sanitization of user-supplied input that is subsequently reflected back to the browser, enabling attackers to execute arbitrary JavaScript in the victim's browser context. Published by CI [truncated]
