CVE-2022-1074

Опубликовано: 29 мар. 2022

Источник: nvd

CVSS3: 4.3

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Using the input

HTML Injection

in the WiFi settings of the dashboard leads to html injection.

Ссылки

https://vuldb.com/?id.194845
Third Party Advisory
https://vuldb.com/?id.194845
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tem:flex-1085_firmware:1.6.0:*:*:*:*:*:*:*

cpe:2.3:h:tem:flex-1085:-:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00206

Низкий

4.3 Medium

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-74

CWE-79

Связанные уязвимости

GHSA-5j37-xpr8-f7hr

CVSS3: 5.4

github

почти 4 года назад

A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Using the input <h1>HTML Injection</h1> in the WiFi settings of the dashboard leads to html injection.

EPSS

Процентиль: 43%

0.00206

Низкий

4.3 Medium

CVSS3

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-74

CWE-79