CVE-2022-24915

CVE-2022-24915 in IPCOMM ipDIO: a code-injection vulnerability in the web interface caused by insufficient input filtering when loading sections. It enables injection of malicious code that executes when a legitimate user performs config-related actions (upload/copy/download/delete). The ICS advi...

CVE-2022-24432

CVE-2022-24432 describes a persistent cross-site scripting (XSS) vulnerability in the IPCOMM ipDIO web interface. The issue allows an authenticated remote attacker to inject arbitrary JavaScript by placing an XSS payload into certain fields, with payload execution occurring when users upload, cop...

CVE-2022-21146

CVE-2022-21146 affects IPCOMM ipDIO web interface. It is a persistent cross-site scripting vulnerability in a web parameter that allows an unauthenticated remote attacker to inject arbitrary JavaScript, with execution when a legitimate user reviews history. The issue is identified in multiple rec...

CVE-2022-22985

The CVE-2022-22985 entry affects IPCOMM ipDIO. It describes a code injection vulnerability caused by the absence of input filters when loading web sections, allowing injected code to execute when a legitimate user reviews history. The issue pertains to the web interface and specific parameters, w...