Products
PLANEX COMMUNICATIONS network cameras
Source
vultures@jpcert.or.jp
Tags
CVE-2024-45836 details
Published : Sept. 26, 2024, 5:15 a.m.
Last Modified : Sept. 26, 2024, 1:32 p.m.
Last Modified : Sept. 26, 2024, 1:32 p.m.
Description
Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the web browser of the user.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|---|---|
CWE-79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
References
URL | Source |
---|---|
https://jvn.jp/en/jp/JVN81966868/ | vultures@jpcert.or.jp |
This website uses the NVD API, but is not approved or certified by it.