MEDIUM🇬🇧 English

CVE-2015-3970

CVSS 4.3v2.0pub. 2015-10-28upd. 2026-05-06

Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

oryginał EN
CVSS Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
  • Janitza Umg 508

    HW
    Janitza
    wszystkie wersje
  • Janitza Umg 509

    HW
    Janitza
    wszystkie wersje
  • Janitza Umg 511

    HW
    Janitza
    wszystkie wersje
  • Janitza Umg 604

    HW
    Janitza
    wszystkie wersje
  • Janitza Umg 605

    HW
    Janitza
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2015-3968HIGH7.5ten sam produkt

The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which makes it easi...

CVE-2015-3971HIGH7.5ten sam produkt

The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which ...

CVE-2015-3972HIGH10.0ten sam produkt

The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices supports only short PIN values for authen...

CVE-2015-3967MEDIUM6.8ten sam produkt

Cross-site request forgery (CSRF) vulnerability on Janitza UMG 508, 509, 511, 604, and 605 devices allows remo...

CVE-2015-3969MEDIUM5.0ten sam produkt

Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection ...