mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
1.0 KiB
1.0 KiB
CVE-2018-7831
&color=brighgreen)
Description
An Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to send a specially crafted URL to a currently authenticated web server user to execute a password change on the web server.
POC
Reference
- https://www.tenable.com/security/research/tra-2018-38
- https://www.tenable.com/security/research/tra-2018-38
Github
No PoCs found on GitHub currently.