Vulnerabilities

CVE-2021-27418

by Fred · 23/03/2022

GE UR firmware versions prior to version 8.1x supports web interface with read-only access. The device fails to properly validate user input, making it possible to perform cross-site scripting attacks, which may be used to send a malicious script. Also, UR Firmware web server does not perform HTML encoding of user-supplied strings.

Date published : 2022-03-23

https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02

https://www.gegridsolutions.com/Passport/Login.aspx

Similar

Tags: Cybersecurity Alert