CVE-2023-34412 in mbNET信息

摘要

由 MITRE • 2023-08-17

A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker to store an arbitrary JavaScript payload on the diagnosis page of the device. That page is loaded immediately after login in to the device and runs the stored payload, allowing the attacker to read and write browser data and reduce system performance.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Do you know our Splunk app?

Download it now for free!