CVE-2023-4202

🗓️ 08 Aug 2023 10:24:40Reported by CyberDanubeType

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 affected by Stored XSS vulnerability

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-4202	2 Sep 202323:00	–	circl
CNNVD	Advantech Cross-Site Scripting Vulnerability	8 Aug 202300:00	–	cnnvd
Cvelist	CVE-2023-4202 Stored Cross-Site Scripting	8 Aug 202310:24	–	cvelist
EUVD	EUVD-2023-54076	3 Oct 202520:07	–	euvd
ICS	Advantech EKI-1524-CE series	26 Sep 202306:00	–	ics
NVD	CVE-2023-4202	8 Aug 202311:15	–	nvd
Packet Storm	Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting	14 Aug 202300:00	–	packetstorm
Prion	Cross site scripting	8 Aug 202311:15	–	prion
Positive Technologies	PT-2023-5481 · Advantech · Eki-1522 +2	17 Jul 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-4202 Stored Cross-Site Scripting	8 Aug 202310:24	–	vulnrichment

NVD

Node

advantech eki-1524_firmwareRange≤1.21

AND

advantech eki-1524Match-

Node

advantech eki-1522_firmwareRange≤1.21

AND

advantech eki-1522Match-

Node

advantech eki-1521_firmwareRange≤1.21

AND

advantech eki-1521Match-

[
  {
    "defaultStatus": "unaffected",
    "product": "EKI-1524",
    "vendor": "Advantech",
    "versions": [
      {
        "lessThanOrEqual": "1.21",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EKI-1522",
    "vendor": "Advantech",
    "versions": [
      {
        "lessThanOrEqual": "1.21",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EKI-1521",
    "vendor": "Advantech",
    "versions": [
      {
        "lessThanOrEqual": "1.21",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/174153/Advantech-EKI-1524-CE-EKI-1522-EKI-1521-Cross-Site-Scripting.html
seclists	www.seclists.org/fulldisclosure/2023/Aug/13
cyberdanube	www.cyberdanube.com/en/en-st-polten-uas-multiple-vulnerabilities-in-advantech-eki-15xx-series/

13 Feb 2025 17:17Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.4 - 9

EPSS0.00203

SSVC

CWE-79