CVE-2024-31972
Description
EnGenius ESR580 A8J-EMR5000 devices allow a remote attacker to conduct stored XSS attacks that could lead to arbitrary JavaScript code execution (under the context of the user's session) via the Wi-Fi SSID input fields. Web scripts embedded into the vulnerable fields this way are executed immediately when a user logs into the admin page. This affects /admin/wifi/wlan1 and /admin/wifi/wlan_guest.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stored XSS in EnGenius ESR580 devices allows remote attackers to execute arbitrary JavaScript in the admin session via the SSID input fields.
The vulnerability is a stored cross-site scripting (XSS) flaw in the Wi-Fi SSID input fields of EnGenius ESR580 A8J-EMR5000 devices. An attacker can inject malicious web scripts into the SSID fields, which are then stored and executed when an administrator logs into the admin panel [1]. The affected endpoints are /admin/wifi/wlan1 and /admin/wifi/wlan_guest.
Exploitation requires network access to the device's management interface; an attacker can inject the payload without authentication. The script executes immediately upon the admin's page load, under the context of their session [1].
Successful exploitation leads to arbitrary JavaScript execution within the admin's browser session, enabling actions such as session hijacking, configuration changes, or data exfiltration [1].
As of the publication date, no official patch has been announced; users should restrict access to the admin interface and sanitize SSID inputs if possible [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
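The SSID sanitization suggested above, as an added example that is not EnGenius firmware code and not part of the original entry. It assumes a hypothetical admin page that places the stored SSID in an input's value attribute (escapeHtml, validateSsid, renderVulnerable, renderHardened and needsReview are illustrative names), and shows that a length and control-character check still accepts markup, so the value must be encoded at output time.

```javascript
// Added example, not vendor code: hypothetical rendering of a stored SSID
// in an admin page, with the unsafe pattern beside the hardened one.

const MAX_SSID_OCTETS = 32; // IEEE 802.11 limits an SSID to 32 octets

// Encode for HTML text and quoted-attribute contexts.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Input-side check applied before the SSID is stored.
function validateSsid(ssid) {
  if (typeof ssid !== 'string' || ssid.length === 0) return { ok: false, reason: 'empty' };
  if (Buffer.byteLength(ssid, 'utf8') > MAX_SSID_OCTETS) return { ok: false, reason: 'too-long' };
  if (/[\u0000-\u001f\u007f]/.test(ssid)) return { ok: false, reason: 'control-char' };
  return { ok: true, reason: null };
}

// Vulnerable pattern: stored value concatenated into markup unchanged.
function renderVulnerable(ssid) {
  return '<input name="ssid" value="' + ssid + '">';
}

// Hardened pattern: encode at output time, regardless of what was stored.
function renderHardened(ssid) {
  return '<input name="ssid" value="' + escapeHtml(ssid) + '">';
}

// Audit helper: flag stored SSIDs whose raw form would alter markup.
function needsReview(ssid) {
  return /[<>"'&]/.test(ssid);
}

// Constructed sample values, including a legitimate SSID with punctuation.
const samples = ['HomeNet-5G', "Bob's Wi-Fi", '"><script>alert(1)</script>'];
for (const s of samples) {
  console.log(JSON.stringify({
    ssid: s,
    valid: validateSsid(s).ok,   // the markup sample still passes validation
    review: needsReview(s),
    html: renderHardened(s),
  }));
}
```

Legitimate SSIDs such as "Bob's Wi-Fi" contain characters that matter in HTML, which is why rejecting them at input is not a substitute for encoding every stored value when it is rendered.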
Affected products: 1
Patches: 0. No patches discovered yet.
References: 1
News mentions: 0. No linked articles in our index yet.