Home

Description

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a stored cross-site scripting vulnerability in the embedded web configuration interface that allows authenticated attackers to execute persistent JavaScript by fragmenting malicious payloads across multiple administrative form fields. Attackers can bypass front-end length restrictions using JavaScript comments and template literals to concatenate executable script fragments that are rendered in administrative dashboard views such as index.zhtml, resulting in persistent script execution within administrative sessions.

PUBLISHED Reserved 2026-05-20 | Published 2026-05-20 | Updated 2026-05-20 | Assigner VulnCheck




HIGH: 7.6CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

HIGH: 8.4CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Product status

Default status
unknown

Rev 7.3 (custom)
affected

Rev 8 (custom)
affected

UM-AG1000_R7.2 (custom)
affected

Credits

Muhammad Imam Baguna finder

VulnCheck coordinator

References

medium.com/...aiko-ag1000-01a-sms-alert-gateway-82095b1d633e (Ledger Security Bulletin 019) technical-description

www.vulncheck.com/...red-xss-via-web-configuration-interface third-party-advisory

cve.org (CVE-2026-9144)

nvd.nist.gov (CVE-2026-9144)

Download JSON