CVE-2026-26352 | Smoothwall Express up to 3.1 Update 12 /cgi-bin/vpnmain.cgi VPN_IP cross site scripting (EUVD-2026-17126)

A vulnerability classified as problematic was found in Smoothwall Express up to 3.1 Update 12. This vulnerability affects unknown code of the file /cgi-bin/vpnmain.cgi. Executing a manipulation of the argument VPN_IP can lead to cross site scripting.

The identification of this vulnerability is CVE-2026-26352. The attack may be launched remotely. There is no exploit available.

It is best practice to apply a patch to resolve this issue.VulDB Recent EntriesRead More