CVE-2024-22547 identifies a Cross Site Scripting (XSS) vulnerability in WayOS IBR-7150 network devices with firmware versions prior to 17.06.23. XSS vulnerabilities arise when an application does not properly sanitize user-supplied input, allowing attackers to inject malicious scripts that execute in the context of a victim’s browser. In this case, the vulnerability is remotely exploitable without authentication (AV:N/PR:N), but requires user interaction (UI:R), such as clicking a crafted link or visiting a malicious page hosted on the device’s web interface. The scope is changed (S:C), meaning the vulnerability can affect resources beyond the initially vulnerable component. The impact is limited to integrity (I:L), with no confidentiality or availability impact. This could allow attackers to perform unauthorized actions on behalf of the user, manipulate the device’s web interface, or conduct phishing attacks to steal session tokens or credentials. The vulnerability is cataloged under CWE-79, a common web security flaw. No patches or known exploits are currently available, but the risk remains for organizations using affected devices. The CVSS 3.1 vector (4.7) reflects medium severity, balancing ease of remote exploitation with the need for user interaction and limited impact.

The primary impact of CVE-2024-22547 is the potential for attackers to execute malicious scripts within the context of the WayOS IBR-7150 device’s web management interface. This can lead to unauthorized actions such as changing device settings, redirecting administrators to malicious sites, or stealing session cookies and credentials. While the vulnerability does not directly compromise confidentiality or availability, the integrity of device management is at risk. This can result in misconfigurations or persistent unauthorized access if attackers leverage the XSS to escalate privileges or implant further malware. Organizations relying on these devices for critical network infrastructure may face increased risk of targeted attacks, especially if administrators interact with the vulnerable interface. The requirement for user interaction reduces the likelihood of automated widespread exploitation but does not eliminate targeted phishing or social engineering attacks. The absence of known exploits and patches means organizations must proactively mitigate the risk to prevent future exploitation.

1. Immediately upgrade WayOS IBR-7150 devices to firmware version 17.06.23 or later once available, as this version addresses the vulnerability. 2. Until patches are released, restrict access to the device’s web management interface using network segmentation and firewall rules to limit exposure to trusted administrators only. 3. Implement strict input validation and output encoding on any custom web interfaces or management portals to prevent injection of malicious scripts. 4. Educate administrators about the risks of phishing and social engineering attacks that could trigger the XSS vulnerability, emphasizing caution when clicking links or opening unexpected pages related to device management. 5. Monitor device logs and network traffic for unusual activity that may indicate attempted exploitation. 6. Consider deploying Web Application Firewalls (WAFs) or intrusion prevention systems (IPS) that can detect and block XSS attack patterns targeting the device. 7. Regularly audit and review device configurations and access controls to minimize the attack surface.