SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Sauter-controls |
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-43491 | SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02 |
|
History
Wed, 16 Apr 2025 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2025-04-16T17:43:26.696Z
Reserved: 2022-09-29T00:00:00.000Z
Link: CVE-2022-40190
Vulnrichment
Updated: 2024-08-03T12:14:39.857Z
NVD
Status : Modified
Published: 2022-10-31T21:15:12.660
Modified: 2024-11-21T07:21:01.907
Link: CVE-2022-40190
Redhat
No data.
OpenCVE Enrichment
No data.