ID CVE-2014-6616 Type cve Reporter NVD Modified 2015-09-01T14:11:15
Description
Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/.
{"reporter": "NVD", "enchantments": {"vulnersScore": 4.3}, "published": "2015-08-31T14:59:08", "cvelist": ["CVE-2014-6616"], "title": "CVE-2014-6616", "objectVersion": "1.2", "type": "cve", "hash": "7d9b14d9795d42e4b6fa767272b59f9083935e568584814679e66bbd38c84d00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6616", "bulletinFamily": "NVD", "id": "CVE-2014-6616", "history": [], "scanner": [], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "modified": "2015-09-01T14:11:15", "viewCount": 0, "cpe": ["cpe:/o:softing:fg-x00_profibus_firmware:2.02.0.00"], "edition": 1, "description": "Cross-site scripting (XSS) vulnerability in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) with firmware FG-x00-PB_V2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICE_NAME parameter to cgi-bin/CFGhttp/.", "references": ["http://www.securityfocus.com/bid/70917", "http://www.securityfocus.com/archive/1/archive/1/533903/100/0/threaded", "http://packetstormsecurity.com/files/128975/Softing-FG-100-PB-Cross-Site-Scripting.html"], "lastseen": "2016-09-03T21:06:51", "assessment": {"system": "", "name": "", "href": ""}}
