Vulnerabilities > Deltacontrols > Entelitouch Firmware > 3.40.3706
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2022-29732 | Cross-site Scripting vulnerability in Deltacontrols Entelitouch Firmware 3.33.4005/3.40.3706/3.40.3935 Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to contain a cross-site scripting (XSS) vulnerability via the Username parameter. | 4.3 |
| 2022-06-02 | CVE-2022-29733 | Cleartext Transmission of Sensitive Information vulnerability in Deltacontrols Entelitouch Firmware 3.33.4005/3.40.3706/3.40.3935 Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and store sensitive information in cleartext. | 4.3 |
| 2022-06-02 | CVE-2022-29735 | Cross-Site Request Forgery (CSRF) vulnerability in Deltacontrols Entelitouch Firmware 3.33.4005/3.40.3706/3.40.3935 Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 allows attackers to execute arbitrary commands via a crafted HTTP request. | 6.8 |