CVE-2018-19615

CVE-2018-19615

EPSS 3.3%

Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted userâs web browser to gain access to the affected device.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/150600/Rockwell-Automation-Allen-Bradley-PowerMonitor-1000-XSS.html https://ics-cert.us-cert.gov/advisories/ICSA-19-050-04 https://www.exploit-db.com/exploits/45928/http://www.securityfocus.com/bid/106333 http://www.securityfocus.com/bid/108538