Design/Logic Flaw

2023-05-2302:15:00

PRIOn knowledge base

www.prio-n.com

client-side enforcement

server-side security

t&d corporation

espec mic corp

data loggers

arbitrary script execution

vulnerable firmware versions

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON

Client-side enforcement of server-side security issue exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may lead to an arbitrary script execution on a logged-in user’s web browser. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions).