Описание
The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.
EPSS
4.7 Medium
CVSS3
Дефекты
Связанные уязвимости
The web server of affected devices does not properly validate input that is used for a user redirection. This could allow an attacker to make the server redirect the legitimate user to an attacker-chosen URL. For a successful exploit, the legitimate user must actively click on an attacker-crafted link.
Уязвимость веб-сервера микропрограммного обеспечения программируемых логических контроллеров SIMATICS7-1500 и S7-1200 CPU family, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
EPSS
4.7 Medium
CVSS3