3 matches found
CVE-2020-7574
A vulnerability has been identified in Climatix POL908 BACnet/IP module All versions, Climatix POL909 AWM module All versions V11.32. A persistent cross-site scripting XSS vulnerability exists in the "Server Config" web interface of the affected devices that could allow an attacker to inject...
CVE-2020-7574
Siemens Climatix POL908 (BACnet/IP module) and POL909 (AWM module) are affected by CVE-2020-7574, a cross-site scripting (XSS) vulnerability in the Server Config web interface. The issue, present in all versions for POL908 and all versions
Siemens Climatix (Update A)
1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Climatix Vulnerability: Cross-site Scripting, Basic XSS 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-20-105-04 Siemens Climatix...