AutomationDirect C-more EA9 HMI 跨站脚本漏洞

The AutomationDirect C-more EA9 HMI is a series of touchscreen panels from AutomationDirect, Inc. A cross-site scripting vulnerability exists in the AutomationDirect C-more EA9 HMI, which arises from the use of an insecure mechanism to transfer credentials from the client to the web server, which...

CVE-2020-10920

This vulnerability allows remote attackers to execute arbitrary code on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the control service, which listens on TCP port...