CVE-2022-24915 ICSA-22-062-01 IPCOMM ipDIO

The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section where the information is displayed. Injection can be done on specific parameters. Th...

CVE-2022-22985 ICSA-22-062-01 IPCOMM ipDIO

The absence of filters when loading some sections in the web application of the vulnerable device allows attackers to inject malicious code that will be interpreted when a legitimate user accesses the specific web section where the information is displayed. Injection can be done on specific...

CVE-2022-21146 ICSA-22-062-01 IPCOMM ipDIO

Persistent cross-site scripting in the web interface of ipDIO allows an unauthenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into a specific parameter. The XSS payload will be executed when a legitimate user attempts to review history...

IPCOMM ipDIO Code Injection Vulnerability (CNVD-2022-20533)

IPCOMM ipDIO is a remote control communication device from IPCOMM Germany. It is used to record digital and analog inputs and control digital outputs. A code injection vulnerability exists in IPCOMM ipDIO that stems from the absence of a filter when loading certain sections of a Web application o...