CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-5382

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.1590%
EPSS Percentile7.49th
Published2014年8月20日
Last Modified2026年5月6日

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors.

Affected Platforms (CPE)

💻
Schrack

Technik Microcontrol Firmware

= 1.7.0\(937\)
🔌
Schrack

Technik Microcontrol

All versions

References & Advisories

🔗 http://seclists.org/fulldisclosure/2014/Jul/40
🔗 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt
🔗 http://seclists.org/fulldisclosure/2014/Jul/40
🔗 https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt

関連する脆弱性情報

CVE-2014-832910.0

Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under the web root with insufficient ac...

CVE-2014-53967.5

The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded password of not for the "user" ...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...

CVE-2014-052910.0

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to ex...