9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.8%
SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in usersβ browsers and steal sensitive information, including user credentials.
CPE | Name | Operator | Version |
---|---|---|---|
sauter-controls:moduweb_firmware | sauter-controls moduweb firmware | eq | 2.7.1 |
[
{
"vendor": "SAUTER Controls",
"product": "moduWeb",
"versions": [
{
"version": "firmware Version 2.7.1",
"status": "affected"
}
]
}
]
More
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.8%