CVE-2021-23282

MEDIUM Year: 2021
CVSS v3 Score
5.2
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored Cross site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local Subnet and an administrator interaction to compromise the system

Related Vulnerabilities

CVE-2016-10864

MEDIUM
CVSS:5.2(Medium)

NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.

CWE-792016

CVE-2017-18700

MEDIUM
CVSS:5.2(Medium)

Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4...

CWE-792017

CVE-2017-18701

MEDIUM
CVSS:5.2(Medium)

Certain NETGEAR devices are affected by reflected XSS. This affects R6700 before 1.0.1.36 and R6900 before 1.0.1.34.

CWE-792017

CVE-2017-18715

MEDIUM
CVSS:5.2(Medium)

Certain NETGEAR devices are affected by reflected XSS. This affects EX3700 before 1.0.0.66, EX3800 before 1.0.0.66, EX6100 before 1.0.2.20, EX6120 before 1.0.0.34, EX6150 before 1.0.0.36, EX6200 befor...

CWE-792017

CVE-2017-18745

MEDIUM
CVSS:5.2(Medium)

Certain NETGEAR devices are affected by stored XSS. This affects R6400 before 1.0.1.14, R6700 before 1.0.1.22, R6900 before 1.0.1.22, R7000 before 1.0.9.4, R7100LG before 1.0.0.32, R7300DST before 1.0...

CWE-792017

CVE-2017-18807

MEDIUM
CVSS:5.2(Medium)

NETGEAR ReadyNAS OS 6 devices running ReadyNAS OS versions prior to 6.8.0 are affected by stored XSS.

CWE-792017