Vulnerabilities (CVE)

Filtered by vendor Gira Subscribe
Filtered by product Knx Ip Router Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-33277 1 Gira 2 Knx Ip Router, Knx Ip Router Firmware 2024-02-04 N/A 7.5 HIGH
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversal sequences in the URL.
CVE-2023-33276 1 Gira 2 Knx Ip Router, Knx Ip Router Firmware 2024-02-04 N/A 6.1 MEDIUM
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without context-sensitive HTML encoding, it is vulnerable to reflective cross-site scripting (XSS).