2 matches found
Westermo DR-250, DR-260 and MR-260 Cross-site Scripting (CVE-2018-19614)
XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
CVE-2018-19614
Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers are affected by a Cross‑Site Scripting (XSS) vulnerability in the web UI path /cmdexec/cmdexe?cmd=, arising from insufficient validation of client data in the web application. The issue can allow an attacker to inject and execute client‑side co...