Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-33276

Published: 30/06/2023 Updated: 07/07/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Gira

Vulnerability Summary

The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without context-sensitive HTML encoding, it is vulnerable to reflective cross-site scripting (XSS).

Vulnerable Product Search on Vulmon Subscribe to Product

gira knx_ip_router_firmware 3.1.3683.0

gira knx_ip_router_firmware 3.3.8.0

References

CWE-79https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-016.txthttps://www.syss.de/en/responsible-disclosure-policyhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook