3 matches found
CVE-2022-40181
A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...
Siemens Desigo PXM Devices Improper Neutralization of Encoded Uri Schemes in a Web Page (CVE-2022-40181)
A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...
CVE-2022-40181
CVE-2022-40181 affects Siemens Desigo PXM devices (PXM30-1, PXM30.E, PXM40-1, PXM40.E, PXM50-1, PXM50.E, PXG3.W100-1, PXG3.W100-2, PXG3.W200-1, PXG3.W200-2). The embedded browser fails to neutralize encoded URI schemes when redirected to resources by web app code, enabling a remote, low-privilege...