Security Advisory

CVE-2020-10633

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-08 00:03:25

Last updated 2024-08-04 11:06:10

Assigner icscert

State PUBLISHED

Description

A non-persistent XSS (cross-site scripting) vulnerability exists in eWON Flexy and Cosy (all firmware versions prior to 14.1s0). An attacker could send a specially crafted URL to initiate a password change for the device. The target must introduce the credentials to the gateway before the attack can be successful.

← Browse all CVEs View on cve.org ↗