An unauthenticated remote attacker may use a HTML injection vulnerability with limited length to inject malicious HTML code and gain low-privileged access on the affected device.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2024-033 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
22 Aug 2024, 13:34
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/mod-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:profinet\/modbus_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:icdm-rx\/tcp_socketserver_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:modbus_router_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:eip\/modbus_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-16rj45\/2rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-16rj45\/rj45-rm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-4db9\/2rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-32rj45\/rj45-rm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-2db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-16db9\/rj45-rm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/mod-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:modbus_tcp_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:ethernet\/ip_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:profinet_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en1-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-db9\/rj45-pm2:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-8db9\/2rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/tcp-4db9\/2rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/mod-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:o:pepperl-fuchs:modbus_server_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn1-2st\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/en-db9\/rj45-din:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-db9\/rj45-pm:-:*:*:*:*:*:*:* cpe:2.3:h:pepperl-fuchs:icdm-rx\/pn-st\/rj45-din:-:*:*:*:*:*:*:* |
|
Summary |
|
|
First Time |
Pepperl-fuchs icdm-rx\/pn-db9\/rj45-din
Pepperl-fuchs icdm-rx\/tcp Socketserver Firmware Pepperl-fuchs icdm-rx\/pn-db9\/rj45-pm Pepperl-fuchs icdm-rx\/pn1-db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-2db9\/rj45-din Pepperl-fuchs icdm-rx\/tcp-16rj45\/rj45-rm Pepperl-fuchs icdm-rx\/en1-4db9\/2rj45-din Pepperl-fuchs Pepperl-fuchs icdm-rx\/pn-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/en-st\/rj45-din Pepperl-fuchs eip\/modbus Firmware Pepperl-fuchs icdm-rx\/pn1-db9\/rj45-pm Pepperl-fuchs icdm-rx\/pn1-st\/rj45-din Pepperl-fuchs icdm-rx\/en-db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-st\/rj45-din Pepperl-fuchs icdm-rx\/en-2st\/rj45-din Pepperl-fuchs icdm-rx\/en-db9\/rj45-pm Pepperl-fuchs icdm-rx\/pn-st\/rj45-din Pepperl-fuchs icdm-rx\/pn-2db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-2st\/rj45-din Pepperl-fuchs profinet Firmware Pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-pm Pepperl-fuchs modbus Router Firmware Pepperl-fuchs icdm-rx\/en1-db9\/rj45-din Pepperl-fuchs ethernet\/ip Firmware Pepperl-fuchs icdm-rx\/tcp-16rj45\/2rj45-pm Pepperl-fuchs modbus Tcp Firmware Pepperl-fuchs profinet\/modbus Firmware Pepperl-fuchs icdm-rx\/tcp-st\/rj45-din Pepperl-fuchs icdm-rx\/tcp-8db9\/2rj45-pm Pepperl-fuchs icdm-rx\/tcp-16db9\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-32rj45\/rj45-rm Pepperl-fuchs icdm-rx\/tcp-2db9\/rj45-din Pepperl-fuchs icdm-rx\/en1-db9\/rj45-pm Pepperl-fuchs icdm-rx\/mod-db9\/rj45-din Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-din Pepperl-fuchs icdm-rx\/pn1-2st\/rj45-din Pepperl-fuchs icdm-rx\/pn-2st\/rj45-din Pepperl-fuchs icdm-rx\/en-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm2 Pepperl-fuchs icdm-rx\/mod-st\/rj45-din Pepperl-fuchs modbus Server Firmware Pepperl-fuchs icdm-rx\/pn1-2db9\/rj45-din Pepperl-fuchs icdm-rx\/en-2db9\/rj45-din Pepperl-fuchs icdm-rx\/mod-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/pn1-4db9\/2rj45-din Pepperl-fuchs icdm-rx\/tcp-2st\/rj45-din Pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm |
|
References | () https://cert.vde.com/en/advisories/VDE-2024-033 - Third Party Advisory |
13 Aug 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-13 13:15
Updated : 2024-08-22 13:34
NVD link : CVE-2024-38501
Mitre link : CVE-2024-38501
CVE.ORG link : CVE-2024-38501
JSON object : View
Products Affected
pepperl-fuchs
- icdm-rx\/tcp-16rj45\/2rj45-pm
- icdm-rx\/pn1-2st\/rj45-din
- icdm-rx\/pn1-st\/rj45-din
- icdm-rx\/tcp_socketserver_firmware
- icdm-rx\/tcp-2st\/rj45-din
- icdm-rx\/en-db9\/rj45-din
- icdm-rx\/tcp-4db9\/2rj45-din
- icdm-rx\/pn-4db9\/2rj45-din
- modbus_server_firmware
- icdm-rx\/en1-db9\/rj45-din
- icdm-rx\/tcp-32rj45\/rj45-rm
- icdm-rx\/pn-2st\/rj45-din
- icdm-rx\/en1-st\/rj45-din
- icdm-rx\/mod-4db9\/2rj45-din
- icdm-rx\/en1-db9\/rj45-pm
- icdm-rx\/tcp-16db9\/rj45-rm
- icdm-rx\/en1-2st\/rj45-din
- icdm-rx\/pn1-4db9\/2rj45-din
- icdm-rx\/tcp-16rj45\/rj45-rm
- icdm-rx\/pn1-db9\/rj45-din
- icdm-rx\/en-2db9\/rj45-din
- icdm-rx\/en-db9\/rj45-pm
- icdm-rx\/mod-db9\/rj45-din
- icdm-rx\/tcp-db9\/rj45-din
- icdm-rx\/en-2st\/rj45-din
- icdm-rx\/tcp-db9\/rj45-pm2
- icdm-rx\/pn-db9\/rj45-din
- icdm-rx\/pn1-2db9\/rj45-din
- profinet_firmware
- icdm-rx\/pn-db9\/rj45-pm
- profinet\/modbus_firmware
- modbus_router_firmware
- icdm-rx\/tcp-st\/rj45-din
- icdm-rx\/pn-st\/rj45-din
- modbus_tcp_firmware
- icdm-rx\/tcp-4db9\/2rj45-pm
- icdm-rx\/tcp-2db9\/rj45-din
- icdm-rx\/tcp-8db9\/2rj45-pm
- icdm-rx\/en1-4db9\/2rj45-din
- icdm-rx\/en1-2db9\/rj45-din
- icdm-rx\/pn1-db9\/rj45-pm
- icdm-rx\/en-st\/rj45-din
- icdm-rx\/pn-2db9\/rj45-din
- icdm-rx\/tcp-db9\/rj45-pm
- ethernet\/ip_firmware
- icdm-rx\/mod-st\/rj45-din
- eip\/modbus_firmware
- icdm-rx\/en-4db9\/2rj45-din
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')