CVE-2023-4202 Stored Cross-Site Scripting

🗓️ 08 Aug 2023 10:24:40Reported by CyberDanubeType

Advantech EKI-1524, EKI-1522, EKI-1521 devices affected by Stored Cross-Site Scripting vulnerability

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of microprogrammed software in Advantech EKI-1524, EKI-1522, and EKI-1521 industrial switches stems from the lack of protective measures for website structures. This allows attackers to perform cross-site scripting attacks.	28 Sep 202300:00	–	bdu_fstec
Circl	CVE-2023-4202	2 Sep 202323:00	–	circl
CNNVD	Advantech Cross-Site Scripting Vulnerability	8 Aug 202300:00	–	cnnvd
CVE	CVE-2023-4202	8 Aug 202310:24	–	cve
EUVD	EUVD-2023-54076	3 Oct 202520:07	–	euvd
ICS	Advantech EKI-1524-CE series	26 Sep 202306:00	–	ics
NVD	CVE-2023-4202	8 Aug 202311:15	–	nvd
Packet Storm	Advantech EKI-1524-CE / EKI-1522 / EKI-1521 Cross Site Scripting	14 Aug 202300:00	–	packetstorm
Prion	Cross site scripting	8 Aug 202311:15	–	prion
Positive Technologies	PT-2023-5481 · Advantech · Eki-1522 +2	17 Jul 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "product": "EKI-1524",
    "vendor": "Advantech",
    "versions": [
      {
        "lessThanOrEqual": "1.21",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EKI-1522",
    "vendor": "Advantech",
    "versions": [
      {
        "lessThanOrEqual": "1.21",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "EKI-1521",
    "vendor": "Advantech",
    "versions": [
      {
        "lessThanOrEqual": "1.21",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
seclists	www.seclists.org/fulldisclosure/2023/Aug/13
packetstormsecurity	www.packetstormsecurity.com/files/174153/Advantech-EKI-1524-CE-EKI-1522-EKI-1521-Cross-Site-Scripting.html
cyberdanube	www.cyberdanube.com/en/en-st-polten-uas-multiple-vulnerabilities-in-advantech-eki-15xx-series/

14 Aug 2023 18:06Current

8.1High risk

Vulners AI Score8.1

CVSS 3.19

EPSS0.00203

CWE-79