EUVD-2019-8060

Malware in sbrugna...

CVE-2019-18267

An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site...

Cross site scripting

An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site...

CVE-2019-18267

An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G Fast Switch 61850 Versions 07A03 and prior. An attacker can inject arbitrary Javascript in a specially crafted HTTP request that may be reflected back in the HTTP response. The device is also vulnerable to a stored cross-site...

CVE-2019-18267

The CVE-2019-18267 vulnerability affects GE S2020/S2020G Fast Switch 61850, specifically versions 07A03 and prior. It is a cross-site scripting flaw arising from improper input handling in the device’s web page generation, enabling both reflected and stored XSS that can lead to session hijacking,...

GE S2020/S2020G Fast Switch 61850 Cross-Site Scripting Vulnerability

The GE S2020/S2020G Fast Switch 61850 is a managed Ethernet switch. A cross-site scripting vulnerability exists in the GE S2020/S2020G Fast Switch 61850, which can be exploited by an attacker to inject arbitrary code...

GE S2020/S2020G Fast Switch 61850

1. EXECUTIVE SUMMARY CVSS v3 4.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: GE S2020/S2020G Fast Switch 61850 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to inject arbitrary code...