Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Endian — Vulnerabilities & Security Advisories 34

Browse all 34 CVE security advisories affecting Endian. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Endian operates as a provider of unified threat management appliances and security software, primarily targeting small to medium-sized enterprises seeking consolidated network protection. Its product portfolio integrates firewall, intrusion prevention, and content filtering capabilities into a single platform. Historical analysis reveals a pattern of critical vulnerabilities, predominantly involving remote code execution and cross-site scripting flaws within its web-based management interface. These defects often stem from insufficient input validation and improper access controls, allowing attackers to escalate privileges or execute arbitrary commands on the underlying system. While specific major incidents remain less publicized compared to larger vendors, the accumulation of thirty-four Common Vulnerabilities and Exposures highlights persistent weaknesses in its development lifecycle. Security researchers frequently identify these issues as high-risk, necessitating immediate patching to prevent unauthorized system compromise and data exfiltration.

Top products by Endian: Endian Firewall
CVE IDTitleCVSSSeverityPublished
CVE-2026-34823 Endian Firewall /manage/password/web/ remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34822 Endian Firewall /manage/ca/certificate/ new_cert_name Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34821 Endian Firewall /manage/vpnauthentication/user/ remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34819 Endian Firewall /cgi-bin/openvpnclient.cgi REMARK Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34820 Endian Firewall /manage/ipsec/ remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34818 Endian Firewall /manage/dnsmasq/localdomains/ remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34816 Endian Firewall /manage/smtpscan/domainrouting/ domain Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34817 Endian Firewall /cgi-bin/smtprouting.cgi ADDRESS BCC Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34815 Endian Firewall /cgi-bin/smtpdomains.cgi DOMAIN Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34814 Endian Firewall /cgi-bin/proxygroup.cgi group Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34812 Endian Firewall /cgi-bin/proxypolicy.cgi mimetypes Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34813 Endian Firewall /cgi-bin/proxyuser.cgi user Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34811 Endian Firewall /cgi-bin/xtaccess.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34810 Endian Firewall /cgi-bin/vpnfw.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34809 Endian Firewall /cgi-bin/zonefw.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34808 Endian Firewall /cgi-bin/outgoingfw.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34807 Endian Firewall /cgi-bin/incoming.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34806 Endian Firewall /cgi-bin/snat.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34805 Endian Firewall /cgi-bin/dnat.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34804 Endian Firewall /manage/qos/rules/ dscp Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34803 Endian Firewall /manage/qos/classes/ name Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34801 Endian Firewall /manage/dhcp/fixed_leases/ remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34802 Endian Firewall /cgi-bin/salearn.cgi remark user ham spam Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34800 Endian Firewall /cgi-bin/uplinkeditor.cgi NAME Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34799 Endian Firewall /manage/dnsmasq/hosts/ remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34797 Endian Firewall /cgi-bin/logs_smtp.cgi DATE Perl Command Injection — Endian FirewallCWE-78 8.8 High2026-04-02
CVE-2026-34798 Endian Firewall /cgi-bin/routing.cgi remark Stored Cross-Site Scripting — Endian FirewallCWE-79 6.4 Medium2026-04-02
CVE-2026-34796 Endian Firewall /cgi-bin/logs_openvpn.cgi DATE Perl Command Injection — Endian FirewallCWE-78 8.8 High2026-04-02
CVE-2026-34795 Endian Firewall /cgi-bin/logs_log.cgi DATE Perl Command Injection — Endian FirewallCWE-78 8.8 High2026-04-02
CVE-2026-34794 Endian Firewall /cgi-bin/logs_ids.cgi DATE Perl Command Injection — Endian FirewallCWE-78 8.8 High2026-04-02

This page lists every published CVE security advisory associated with Endian. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.