Arbitrary JavaScript Payload Injection Vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200/REX 250 Devices

Arbitrary JavaScript Payload Injection Vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200/REX 250 Devices

CVE-2023-34412 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).

Learn more about our Web Application Penetration Testing UK.