CVE-2019-18233
N/A
N/A
Summary
In Advantech Spectre RT Industrial Routers ERT351 5.1.3 and prior, the affected product does not neutralize special characters in the error response, allowing attackers to use a reflected XSS attack.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Advantech Spectre RT Industrial Routers ERT351 | 5.1.3 and prior | affected |
Weaknesses
- CWE-79: IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION CWE-79
ADP Enrichment
CVE Program Container
Additional References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-054-03
- https://ep.advantech-bb.cz/support/router-models/download/511/sa-2021-01-fw-5.1.3-and-older-en.pdf
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-054-03
- https://ep.advantech-bb.cz/support/router-models/download/511/sa-2021-01-fw-5.1.3-and-older-en.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.