Lucene search
K

10 matches found

OSV
OSV
added 2022/02/24 7:15 p.m.4 views

CVE-2020-14502

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface...

6.1CVSS5.8AI score0.00992EPSS
Exploits0References1
NVD
NVD
added 2022/02/24 7:15 p.m.7 views

CVE-2020-14502

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface...

6.1CVSS0.00992EPSS
Exploits0References1
NVD
NVD
added 2022/02/24 7:15 p.m.7 views

CVE-2020-14504

The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings...

5.3CVSS0.01246EPSS
Exploits0References1
Prion
Prion
added 2022/02/24 7:15 p.m.17 views

Cross site scripting

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface...

4.3CVSS6.1AI score0.00992EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2022/02/24 7:15 p.m.13 views

Authentication flaw

The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings...

5CVSS5.7AI score0.01246EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2022/02/24 6:26 p.m.12 views

CVE-2020-14502

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface...

6.2AI score0.00992EPSS
Exploits0References1
CVE
CVE
added 2022/02/24 6:26 p.m.50 views

CVE-2020-14502

Rockwell Automation 1734-AENTR Series B/C are affected by CVE-2020-14502 due to a stored XSS in the web interface. The vulnerability allows a remote, unauthenticated attacker to store a script that can modify homepage text. Technical details are documented in ICS advisory ICSA-21-063-01, which li...

6.1CVSS6.2AI score0.00992EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/03/04 12:0 a.m.4 views

Rockwell Automation 1734-AENTR 跨站脚本漏洞

The Rockwell Automation 1734-AENTR is an industrial device from Rockwell Automation, Inc. It provides an industrial control system. The 1734-AENTR suffers from a cross-site scripting vulnerability that originates in the web interface of the communication module that is susceptible to an attacked...

6.1CVSS6AI score0.00992EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/03/04 12:0 a.m.7 views

Rockwell Automation 1734-AENTR 授权问题漏洞

The Rockwell Automation 1734-AENTR is an industrial device from Rockwell Automation, Inc. It provides an industrial control system. The Rockwell Automation 1734-AENTR suffers from an authorization issue vulnerability that arises from an unauthenticated attacker being able to send a crafted reques...

5.3CVSS5.8AI score0.01246EPSS
Exploits0References4
ICS
ICS
added 2021/03/04 12:0 a.m.73 views

Rockwell Automation 1734-AENTR Series B and Series C

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: 1734-AENTR Series B and Series C Vulnerabilities: Improper Access Control, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

6.1CVSS6.5AI score0.01246EPSS
Exploits0References5
Rows per page
Query Builder