Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe
Filtered by product Netbotz 450
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-43376 1 Schneider-electric 10 Netbotz 355, Netbotz 355 Firmware, Netbotz 450 and 7 more 2024-02-04 N/A 6.1 MEDIUM
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)
CVE-2022-43377 1 Schneider-electric 10 Netbotz 355, Netbotz 355 Firmware, Netbotz 450 and 7 more 2024-02-04 N/A 7.5 HIGH
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover when a brute force attack is performed on the account. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)
CVE-2022-43378 1 Schneider-electric 10 Netbotz 355, Netbotz 355 Firmware, Netbotz 450 and 7 more 2024-02-04 N/A 6.5 MEDIUM
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)