CVE-2022-43376

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVE-2022-43376

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

CVE-2022-43376

CVE-2022-43376 is a Cross-site Scripting (CWE-79) vulnerability in Schneider Electric NetBotz NetBotz 4 series (versions 4.7.0 and prior; affected models include 355/450/455/550/570). The issue arises from improper neutralization of input during web page generation, enabling code and session mani...

Schneider Electric NetBotz 跨站脚本漏洞

Schneider Electric NetBotz is a proactive monitoring solution from Schneider Electric, France. It is designed to protect against physical, environmental or human threats that can cause disruption or downtime to IT infrastructure. Schneider Electric NetBotz suffers from a cross-site scripting...

Schneider Electric NetBotz 安全漏洞

Schneider Electric NetBotz is a proactive monitoring solution from Schneider Electric, France. It is designed to protect against physical, environmental, or human threats that can cause IT infrastructure disruption or downtime. A security vulnerability exists in Schneider Electric NetBotz 4 V4.7....

Schneider Electric NetBotz 安全漏洞

Schneider Electric NetBotz is a proactive monitoring solution from Schneider Electric, France. It is designed to protect against physical, environmental, or human threats that can cause IT infrastructure disruption or downtime. A security vulnerability exists in Schneider Electric NetBotz 4 V4.7....

The vulnerability of microprogramming software in programming-and-software-based monitoring and security infrastructure for IT infrastructure systems arises from the inability to effectively limit authentication attempts. This allows attackers to circumvent existing security restrictions by using brute-force attacks.

The vulnerability of the microprogramming software used in software-hardware environments for monitoring and security protection of IT infrastructure against physical threats in the NetBotz 4 system is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability...

The vulnerability of microprogramming software in the software-hardware environment for monitoring and security protection of IT infrastructure against physical threats, such as the implementation of NetBotz 4, allows a intruder to execute arbitrary code.

The vulnerability of microprogramming software in programming-and-software-based environments for monitoring and security protection of IT infrastructure arises due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to execute...

PT-2022-6266 · Netbotz 4 · Netbotz 4

Name of the Vulnerable Software and Affected Versions: NetBotz 4 versions 4.7.0 and prior Description: The issue is related to insufficient restriction of authentication attempts, allowing a remote attacker to bypass security restrictions using a brute force attack. This could lead to account...

PT-2022-5354 · Netbotz 4 · Netbotz 4

Name of the Vulnerable Software and Affected Versions: NetBotz 4 versions 4.7.0 and prior Description: The issue arises from inadequate protection of the web page structure, potentially allowing a remote attacker to execute arbitrary code. This is related to a Cross-site Scripting vulnerability,...

PT-2022-6688 · Netbotz 4 · Netbotz 4

Name of the Vulnerable Software and Affected Versions: NetBotz 4 versions 4.7.0 and prior Description: A vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. This issue is related to improper...

Information disclosure

A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply UPS using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 NMC2: AP9630/AP9630CH/AP9630J,...

CVE-2021-22813

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit policy file. Affected Products:...