Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-5880

Published: 03/01/2024 Updated: 11/01/2024
CVSS v3 Base Score: 8.8 | Impact Score: 5.3 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Aladdin Connect Garage Door Opener Firmware

Vulnerability Summary

When the Genie Company Aladdin Connect garage door opener (Retrofit-Kit Model ALDCM) is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allows the malicious user to inject malicious code with client side Java Script and/or HTML into the users' web browser. 

Vulnerable Product Search on Vulmon Subscribe to Product

geniecompany aladdin_connect_garage_door_opener_firmware

References

CWE-79https://www.rapid7.com/blog/post/2024/01/03/genie-aladdin-connect-retrofit-garage-door-opener-multiple-vulnerabilities/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook