Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2 days ago4 views

Siemens SIMATIC S7 PLC Web Server Improper Neutralization of Input During Web Page Generation (CVE-2026-25789)

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting a modified firmware file. This would result in malicious JavaScript execution in the context of the authenticated user's...

7.2CVSS7.3AI score0.00274EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.14 views

Siemens多款产品 跨站脚本漏洞

The Siemens SIMATIC Drive Controller is a series of drive controllers developed by the German company Siemens. Several Siemens products have a cross-site scripting vulnerability. This vulnerability arises from improper validation and cleaning of file names on the firmware update page. It may allo...

7.2CVSS7.3AI score0.00274EPSS
Exploits0References1
NVD
NVD
added 2026/01/29 10:15 p.m.10 views

CVE-2026-1624

A security vulnerability has been detected in D-Link DWR-M961 1.1.47. The affected element is an unknown function of the file /boafrm/formLtefotaUpgradeFibocom. Such manipulation of the argument fotaurl leads to command injection. The attack can be launched remotely. The exploit has been disclose...

8.8CVSS0.02568EPSS
Exploits0References5
CNVD
CNVD
added 2020/08/31 12:0 a.m.3 views

ASUS RT-AC1900P routers cross-site scripting vulnerability

ASUS RT-AC1900P routers is a router device. A cross-site scripting vulnerability exists in the ASUS RT-AC1900P routers firmware update page, which can be exploited by remote attackers to inject malicious script or HTML code that can be used to gain access to sensitive information or hijack user...

6.1CVSS6.5AI score0.00649EPSS
Exploits0References1
Rows per page
Query Builder