Описание
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary code. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.
Ссылки
- Product
- Third Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.7.18.0 (включая)
Одновременно
cpe:2.3:o:ilevia:eve_x1_server_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ilevia:eve_x1_server:-:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00107
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
4 месяца назад
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary code. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to the internet.
EPSS
Процентиль: 29%
0.00107
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79