Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into following a malicious link. User interaction is required for a successful exploitation. At the time of advisory publication no public exploitation of this vulnerability was known.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Siemens CP1604和CP1616 跨站脚本漏洞
Vulnerability Description
Siemens CP1604和CP1616都是德国西门子(Siemens)公司的一款通信处理器。 Siemens CP1604和CP1616中的integrated web server中存在跨站脚本漏洞,该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。以下产品和版本受到影响:Siemens CP 1616 2.7.2版本,2.1版本;Siemens CP 1604 2.7.2版本,2.1版本。
CVSS Information
N/A
Vulnerability Type
N/A