First published: Thu Feb 24 2022(Updated: )
The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Rockwellautomation 1734-aentr Point I\/o Dual Port Network Adaptor Series B Firmware | >=4.001<=4.005 | |
Rockwellautomation 1734-aentr Point I\/o Dual Port Network Adaptor Series B Firmware | >=5.011<=5.017 | |
Rockwellautomation 1734-aentr Point I\/o Dual Port Network Adaptor Series B | ||
Rockwellautomation 1734-aentr Point I\/o Dual Port Network Adaptor Series C Firmware | =6.011 | |
Rockwellautomation 1734-aentr Point I\/o Dual Port Network Adaptor Series C Firmware | =6.012 | |
Rockwellautomation 1734-aentr Point I\/o Dual Port Network Adaptor Series C | ||
Rockwell Automation Series B, Versions 4.001 to 4.005, and 5.011 to 5.017 | ||
Rockwell Automation Series C, Versions 6.011 and 6.012 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.