CVE-2024-38502: Pepperl+Fuchs: Device Master ICDM-RX/* XSS vulnerability allows stored XSS
First published: Tue Aug 13 2024(Updated: )
An unauthenticated remote attacker may use stored XSS vulnerability to obtain information from a user or reboot the affected device once.
Credit: info@cert.vde.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Pepperl-fuchs Icdm-rx\/tcp Socketserver Firmware | <11.65 | |
| Any of | ||
| Pepperl-fuchs Icdm-rx\/tcp-16db9\/rj45-rm | ||
| Pepperl-fuchs Icdm-rx\/tcp-16rj45\/2rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/tcp-16rj45\/rj45-rm | ||
| Pepperl-fuchs Icdm-rx\/tcp-2db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/tcp-2st\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/tcp-32rj45\/rj45-rm | ||
| Pepperl-fuchs Icdm-rx\/tcp-4db9\/2rj45-din | ||
| Pepperl-fuchs Icdm-rx\/tcp-4db9\/2rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/tcp-8db9\/2rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/tcp-db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/tcp-db9\/rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/tcp-db9\/rj45-pm2 | ||
| Pepperl-fuchs Icdm-rx\/tcp-st\/rj45-din | ||
| All of | ||
| Pepperl-fuchs Profinet Firmware | <3.4.9 | |
| Any of | ||
| Pepperl-fuchs Icdm-rx\/pn-2db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn-2st\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn-4db9\/2rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn-db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn-db9\/rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/pn-st\/rj45-din | ||
| All of | ||
| Pepperl-fuchs Profinet\/modbus Firmware | <1.0.7 | |
| Any of | ||
| Pepperl-fuchs Icdm-rx\/pn1-2db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn1-2st\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn1-4db9\/2rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn1-db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/pn1-db9\/rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/pn1-st\/rj45-din | ||
| All of | ||
| Any of | ||
| Pepperl-fuchs Modbus Router Firmware | <7.09 | |
| Pepperl-fuchs Modbus Server Firmware | <7.11 | |
| Pepperl-fuchs Modbus Tcp Firmware | <7.11 | |
| Any of | ||
| Pepperl-fuchs Icdm-rx\/mod-4db9\/2rj45-din | ||
| Pepperl-fuchs Icdm-rx\/mod-db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/mod-st\/rj45-din | ||
| All of | ||
| Pepperl-fuchs Ethernet\/ip Firmware | <7.22 | |
| Any of | ||
| Pepperl-fuchs Icdm-rx\/en-2db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en-2st\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en-4db9\/2rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en-db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en-db9\/rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/en-st\/rj45-din | ||
| All of | ||
| Pepperl-fuchs Eip\/modbus Firmware | <1.08 | |
| Any of | ||
| Pepperl-fuchs Icdm-rx\/en1-2db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en1-2st\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en1-4db9\/2rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en1-db9\/rj45-din | ||
| Pepperl-fuchs Icdm-rx\/en1-db9\/rj45-pm | ||
| Pepperl-fuchs Icdm-rx\/en1-st\/rj45-din |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/references
- agent/title
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/pepperl-fuchs
- canonical/pepperl-fuchs icdm-rx\/tcp socketserver firmware
- canonical/pepperl-fuchs icdm-rx\/tcp-16db9\/rj45-rm
- canonical/pepperl-fuchs icdm-rx\/tcp-16rj45\/2rj45-pm
- canonical/pepperl-fuchs icdm-rx\/tcp-16rj45\/rj45-rm
- canonical/pepperl-fuchs icdm-rx\/tcp-2db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/tcp-2st\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/tcp-32rj45\/rj45-rm
- canonical/pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-din
- canonical/pepperl-fuchs icdm-rx\/tcp-4db9\/2rj45-pm
- canonical/pepperl-fuchs icdm-rx\/tcp-8db9\/2rj45-pm
- canonical/pepperl-fuchs icdm-rx\/tcp-db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm
- canonical/pepperl-fuchs icdm-rx\/tcp-db9\/rj45-pm2
- canonical/pepperl-fuchs icdm-rx\/tcp-st\/rj45-din
- canonical/pepperl-fuchs profinet firmware
- canonical/pepperl-fuchs icdm-rx\/pn-2db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn-2st\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn-4db9\/2rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn-db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn-db9\/rj45-pm
- canonical/pepperl-fuchs icdm-rx\/pn-st\/rj45-din
- canonical/pepperl-fuchs profinet\/modbus firmware
- canonical/pepperl-fuchs icdm-rx\/pn1-2db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn1-2st\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn1-4db9\/2rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn1-db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/pn1-db9\/rj45-pm
- canonical/pepperl-fuchs icdm-rx\/pn1-st\/rj45-din
- canonical/pepperl-fuchs modbus router firmware
- canonical/pepperl-fuchs modbus server firmware
- canonical/pepperl-fuchs modbus tcp firmware
- canonical/pepperl-fuchs icdm-rx\/mod-4db9\/2rj45-din
- canonical/pepperl-fuchs icdm-rx\/mod-db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/mod-st\/rj45-din
- canonical/pepperl-fuchs ethernet\/ip firmware
- canonical/pepperl-fuchs icdm-rx\/en-2db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/en-2st\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/en-4db9\/2rj45-din
- canonical/pepperl-fuchs icdm-rx\/en-db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/en-db9\/rj45-pm
- canonical/pepperl-fuchs icdm-rx\/en-st\/rj45-din
- canonical/pepperl-fuchs eip\/modbus firmware
- canonical/pepperl-fuchs icdm-rx\/en1-2db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/en1-2st\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/en1-4db9\/2rj45-din
- canonical/pepperl-fuchs icdm-rx\/en1-db9\/rj45-din
- canonical/pepperl-fuchs icdm-rx\/en1-db9\/rj45-pm
- canonical/pepperl-fuchs icdm-rx\/en1-st\/rj45-din