Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-40114

A Cross Site Scripting (XSS) vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code.

Published

2025-06-02T16:15:27.127

Last Modified

2025-06-24T00:59:48.440

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	sitecom	wlx-2006_firmware	≤ 1.5	Yes
Hardware	sitecom	wlx-2006	-	No

References

http://www.sitecomlearningcentre.com/products/wlx-2006v1001/wi-fi-range-extender-n300/downloads Product ([email protected])
https://github.com/Emm448/vulnerability-research/tree/main/CVE-2024-40114 Exploit, Third Party Advisory ([email protected])