An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-02-21T01:00:00Z

Updated: 2024-09-16T22:56:19.132Z

Reserved: 2018-02-20T00:00:00Z

Link: CVE-2018-7277

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-02-21T01:29:00.327

Modified: 2024-11-21T04:11:55.437

Link: CVE-2018-7277

cve-icon Redhat

No data.