Back to search
CVE-2018-18997
Published: Jan 3, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.
| Vendor | Product | Versions |
|---|---|---|
n/a | ABB GATE-E1 and GATE-E2 | affected All versions |
Weaknesses (CWE)
References
https://ics-cert.us-cert.gov/advisories/ICSA-18-352-01
x_refsource_MISC
106247
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now