Westermo DR-260 Router - All firmware versions
Westermo DR-250 Router - All firmware versions
Westermo MR-260 Router - All firmware versions
The aforementioned router models are known to be vulnerable to reflected Cross-Site-Scripting (XSS).
The component of the web interface affected by this issue is the command console:
Working alongside the router vendor, it was established that this vulnerability affects all of the specified router models, regardless of firmware version. Since this product is considered to be EOL, no patches for this issue are expected.
For assistance in identifying this issue, credit should also be given to:
Nettitude - https://www.nettitude.com/uk/