The web interface on Advantech/B+B SmartWorx VESP211-EU devices with firmware 1.7.2 and VESP211-232 devices with firmware 1.5.1 and 1.7.2 relies on the client to implement access control, which allows remote malicious users to perform administrative actions via modified JavaScript code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
advantech vesp211-eu_firmware 1.7.2 |
||
advantech vesp211-232_firmware 1.5.1 |
||
advantech vesp211-232_firmware 1.7.2 |