Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Rockwell Automation 1734-AENTR 跨站脚本漏洞
Vulnerability Description
Rockwell Automation 1734-AENTR是美国 (Rockwell Automation)公司的一个工业设备。提供了一个工业控制系统。 1734-AENTR 存在跨站脚本漏洞,该漏洞源于通信模块的web接口易受攻击XSS存储。未经身份验证的远程攻击者可能存储恶意脚本在web界面中,当执行时,可以在web界面的首页修改一些字符串值。
CVSS Information
N/A
Vulnerability Type
N/A