A potential attacker with or without (cookie theft) access to the device would be able to include malicious code (XSS) when uploading new device configuration that could affect the intended function of the device.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NSocomec Modulys Gp
HWSocomecwszystkie wersjeSocomec Modulys Gp Firmware
OSSocomec01.12.10
Powiązane podatności
Session management within the web application is incorrect and allows attackers to steal session co...
Thanks to the weaknesses that the web application has at the user management level, an attacker could o...
The web application that owns the device clearly stores the credentials within the user managem...
The absence of filters when loading some sections in the web application of the vulnerable device...
Sending some requests in the web application of the vulnerable device allows information to be obtained due to...