An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://cert.vde.com/en/advisories/VDE-2024-033 |
History
Thu, 22 Aug 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Pepperl-fuchs
Pepperl-fuchs eip\/modbus Firmware Pepperl-fuchs ethernet\/ip Firmware Pepperl-fuchs icdm-rx\/en-2db9\/rj45-din Pepperl-fuchs icdm-rx\/en-2st\/rj45-din Pepperl-fuchs icdm-rx\/en-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/en-db9\/rj45-din Pepperl-fuchs icdm-rx\/en-db9\/rj45-pm Pepperl-fuchs icdm-rx\/en-st\/rj45-din Pepperl-fuchs icdm-rx\/en1-2db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-2st\/rj45-din Pepperl-fuchs icdm-rx\/en1-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/en1-db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-db9\/rj45-pm Pepperl-fuchs icdm-rx\/en1-st\/rj45-din Pepperl-fuchs icdm-rx\/mod-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/mod-db9\/rj45-din Pepperl-fuchs icdm-rx\/mod-st\/rj45-din Pepperl-fuchs icdm-rx\/pn-2db9\/rj45-din Pepperl-fuchs icdm-rx\/pn-2st\/rj45-din Pepperl-fuchs icdm-rx\/pn-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/pn-db9\/rj45-din Pepperl-fuchs icdm-rx\/pn-db9\/rj45-pm Pepperl-fuchs icdm-rx\/pn-st\/rj45-din Pepperl-fuchs icdm-rx\/pn1-2db9\/rj45-din Pepperl-fuchs icdm-rx\/pn1-2st\/rj45-din Pepperl-fuchs icdm-rx\/pn1-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/pn1-db9\/rj45-din Pepperl-fuchs icdm-rx\/pn1-db9\/rj45-pm Pepperl-fuchs icdm-rx\/pn1-st\/rj45-din Pepperl-fuchs icdm-rx\/tcp-16db9\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-16rj45\/2rj45-pm Pepperl-fuchs icdm-rx\/tcp-16rj45\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-2db9\/rj45-din Pepperl-fuchs icdm-rx\/tcp-2st\/rj45-din Pepperl-fuchs icdm-rx\/tcp-32rj45\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-pm Pepperl-fuchs icdm-rx\/tcp-8db9\/2rj45-pm Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-din Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm2 Pepperl-fuchs icdm-rx\/tcp-st\/rj45-din Pepperl-fuchs icdm-rx\/tcp Socketserver Firmware Pepperl-fuchs modbus Router Firmware Pepperl-fuchs modbus Server Firmware Pepperl-fuchs modbus Tcp Firmware Pepperl-fuchs profinet\/modbus Firmware Pepperl-fuchs profinet Firmware |
|
CPEs | cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/mod-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/mod-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/mod-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-16db9\/rj45-rm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-16rj45\/2rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-16rj45\/rj45-rm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-32rj45\/rj45-rm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-4db9\/2rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-8db9\/2rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-db9\/rj45-pm2:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:eip\/modbus_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:ethernet\/ip_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:icdm-rx\/tcp_socketserver_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:modbus_router_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:modbus_server_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:modbus_tcp_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:profinet\/modbus_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:profinet_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Pepperl-fuchs
Pepperl-fuchs eip\/modbus Firmware Pepperl-fuchs ethernet\/ip Firmware Pepperl-fuchs icdm-rx\/en-2db9\/rj45-din Pepperl-fuchs icdm-rx\/en-2st\/rj45-din Pepperl-fuchs icdm-rx\/en-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/en-db9\/rj45-din Pepperl-fuchs icdm-rx\/en-db9\/rj45-pm Pepperl-fuchs icdm-rx\/en-st\/rj45-din Pepperl-fuchs icdm-rx\/en1-2db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-2st\/rj45-din Pepperl-fuchs icdm-rx\/en1-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/en1-db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-db9\/rj45-pm Pepperl-fuchs icdm-rx\/en1-st\/rj45-din Pepperl-fuchs icdm-rx\/mod-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/mod-db9\/rj45-din Pepperl-fuchs icdm-rx\/mod-st\/rj45-din Pepperl-fuchs icdm-rx\/pn-2db9\/rj45-din Pepperl-fuchs icdm-rx\/pn-2st\/rj45-din Pepperl-fuchs icdm-rx\/pn-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/pn-db9\/rj45-din Pepperl-fuchs icdm-rx\/pn-db9\/rj45-pm Pepperl-fuchs icdm-rx\/pn-st\/rj45-din Pepperl-fuchs icdm-rx\/pn1-2db9\/rj45-din Pepperl-fuchs icdm-rx\/pn1-2st\/rj45-din Pepperl-fuchs icdm-rx\/pn1-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/pn1-db9\/rj45-din Pepperl-fuchs icdm-rx\/pn1-db9\/rj45-pm Pepperl-fuchs icdm-rx\/pn1-st\/rj45-din Pepperl-fuchs icdm-rx\/tcp-16db9\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-16rj45\/2rj45-pm Pepperl-fuchs icdm-rx\/tcp-16rj45\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-2db9\/rj45-din Pepperl-fuchs icdm-rx\/tcp-2st\/rj45-din Pepperl-fuchs icdm-rx\/tcp-32rj45\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-pm Pepperl-fuchs icdm-rx\/tcp-8db9\/2rj45-pm Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-din Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm2 Pepperl-fuchs icdm-rx\/tcp-st\/rj45-din Pepperl-fuchs icdm-rx\/tcp Socketserver Firmware Pepperl-fuchs modbus Router Firmware Pepperl-fuchs modbus Server Firmware Pepperl-fuchs modbus Tcp Firmware Pepperl-fuchs profinet\/modbus Firmware Pepperl-fuchs profinet Firmware |
Tue, 13 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 13 Aug 2024 12:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device. | |
Title | Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows HTML injection | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: CERTVDE
Published: 2024-08-13T12:33:00.703Z
Updated: 2024-08-13T13:31:52.009Z
Reserved: 2024-06-18T07:56:44.761Z
Link: CVE-2024-38501
Vulnrichment
Updated: 2024-08-13T13:31:19.751Z
NVD
Status : Analyzed
Published: 2024-08-13T13:15:12.130
Modified: 2024-08-22T13:34:42.653
Link: CVE-2024-38501
Redhat
No data.