### [CVE-2024-12476](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12476)
![](https://img.shields.io/static/v1?label=Product&message=Web%20Designer%20for%20BMENOC0311(C)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Web%20Designer%20for%20BMENOC0321(C)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Web%20Designer%20for%20BMXNOE0110(H)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Web%20Designer%20for%20BMXNOR0200H&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20All%20Versions%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20All%20versions%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-611%20Improper%20Restriction%20of%20XML%20External%20Entity%20Reference&color=brighgreen)

### Description

CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that couldcause information disclosure, impacts workstation integrity and potential remote code execution on thecompromised computer, when specific crafted XML file is imported in the Web Designer configuration tool.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/JsHuang/CVE-Assigned