CVE-2023-34412
4.8
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Lion Europe | mbNET | 0 < 7.3.2 | affected |
| Red Lion Europe | mbNET.rokey | 0 < 7.3.2 | affected |
| Helmholz | REX 200 | 0 < 7.3.2 | affected |
| Helmholz | REX 250 | 0 < 7.3.2 | affected |
Weaknesses
- CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.