CVE-2019-18233

Summary

In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack.

Affected Software

VendorProductVersion RangeStatus
n/aAdvantech Spectre RT Industrial Routers ERT3515.1.3 and prioraffected

Weaknesses

  • CWE-79: IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION CWE-79

ADP Enrichment

CVE Program Container

Additional References

References