Vulnerabilities > CVE-2023-23553 - Unspecified vulnerability in Controlbyweb X-400 Firmware

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

controlbyweb

NVD

Published: 2023-02-13

Updated: 2024-11-21

Summary

Control By Web X-400 devices are vulnerable to a cross-site scripting attack, which could result in private and session information being transferred to the attacker.

Vulnerable Configurations

Part	Description	Count
OS	Controlbyweb Controlbyweb X 400 Firmware -	1
Hardware	Controlbyweb Controlbyweb X 400 -	1

References

https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-01
https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-01