CVE-2026-26352
Received Received - Intake
Stored XSS in Smoothwall Express vpnmain.cgi Allows Script Injection

Publication date: 2026-03-30

Last updated on: 2026-04-14

Assigner: VulnCheck

Description
Smoothwall Express versions prior to 3.1 Update 13 contain a stored cross-site scripting vulnerability in the /cgi-bin/vpnmain.cgi script due to improper sanitation of the VPN_IP parameter. Authenticated attackers can inject arbitrary JavaScript through VPN configuration settings that executes when the affected page is viewed by other users.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-30
Last Modified
2026-04-14
Generated
2026-06-16
AI Q&A
2026-03-30
EPSS Evaluated
2026-06-15
NVD
CVE-2026-26352
EUVD
EUVD-2026-17126
Affected Vendors & Products
Showing 13 associated CPEs
Vendor Product Version / Range
smoothwall smoothwall_express to 3.0 (inc)
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
smoothwall smoothwall_express 3.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify how the stored cross-site scripting vulnerability in Smoothwall Express affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-26352 is a stored cross-site scripting (XSS) vulnerability found in Smoothwall Express versions prior to 3.1 Update 13. It exists in the /cgi-bin/vpnmain.cgi script due to improper sanitization of the VPN_IP parameter.

Authenticated attackers can exploit this flaw by injecting arbitrary JavaScript code through VPN configuration settings. This malicious script then executes when other users view the affected page, potentially compromising their security.

Impact Analysis

This vulnerability allows an authenticated attacker to inject and execute arbitrary JavaScript code in the context of other users viewing the affected page.

  • It can lead to unauthorized actions performed on behalf of other users.
  • It may result in theft of sensitive information such as session tokens or credentials.
  • The attack complexity is low, and it requires only authenticated access, making it a medium severity risk.
Detection Guidance

This vulnerability can be detected by checking for the presence of the stored cross-site scripting issue in the /cgi-bin/vpnmain.cgi script, specifically by examining the VPN_IP parameter in VPN configuration settings for injected JavaScript code.

Since the vulnerability involves improper sanitization of the VPN_IP parameter, detection can involve reviewing VPN configuration inputs or monitoring HTTP requests and responses to /cgi-bin/vpnmain.cgi for suspicious or unexpected JavaScript code.

No specific commands are provided in the available resources to detect this vulnerability directly.

Mitigation Strategies

Immediate mitigation steps include upgrading Smoothwall Express to version 3.1 Update 13 or later, where this vulnerability is fixed.

Until an upgrade can be applied, restrict access to the /cgi-bin/vpnmain.cgi script to trusted authenticated users only, and carefully validate or sanitize VPN_IP parameter inputs to prevent injection of malicious scripts.

Additionally, monitor VPN configuration changes for suspicious entries and educate users about the risks of stored XSS vulnerabilities.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-26352. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart