CVE-2022-24432 ICSA-22-062-01 IPCOMM ipDIO

Persistent cross-site scripting XSS in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an...

CVE-2022-24915 ICSA-22-062-01 IPCOMM ipDIO

The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section where the information is displayed. Injection can be done on specific parameters. Th...

CVE-2022-22985 ICSA-22-062-01 IPCOMM ipDIO

The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the specific web section where the information is displayed. Injection can be done on specific...

CVE-2022-22985 ICSA-22-062-01 IPCOMM ipDIO

The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the specific web section where the information is displayed. Injection can be done on specific...

CVE-2022-21146 ICSA-22-062-01 IPCOMM ipDIO

Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history...

IPCOMM ipDIO Cross-Site Scripting Vulnerability (CNVD-2022-20535)

IPCOMM ipDIO is a remote control communication device from IPCOMM Germany. It is used to record digital and analog inputs and control digital outputs. A cross-site scripting vulnerability exists in IPCOMM ipDIO that allows an unauthenticated, remote attacker to exploit the vulnerability to...

IPCOMM ipDIO Code Injection Vulnerability

IPCOMM ipDIO is a remote control communication device from IPCOMM Germany. It is used to record digital and analog inputs and control digital outputs. A code injection vulnerability exists in IPCOMM ipDIO that stems from the absence of a filter when loading certain sections of the Web application...

IPCOMM ipDIO Cross-Site Scripting Vulnerability

IPCOMM ipDIO is a remote control communication device from IPCOMM Germany. It is used to record digital and analog inputs and control digital outputs. A cross-site scripting vulnerability exists in IPCOMM ipDIO, which allows an authenticated, remote attacker to exploit the vulnerability to...

IPCOMM ipDIO Code Injection Vulnerability (CNVD-2022-20533)

IPCOMM ipDIO is a remote control communication device from IPCOMM Germany. It is used to record digital and analog inputs and control digital outputs. A code injection vulnerability exists in IPCOMM ipDIO that stems from the absence of a filter when loading certain sections of a Web application o...

IPCOMM ipDIO

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: IPCOMM Equipment: ipDIO Vulnerabilities: Cross-site Scripting, Code Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject and execute arbitrary...