Vulnerabilities > Gira > KNX IP Router Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-06-30 CVE-2023-33276 Cross-site Scripting vulnerability in Gira KNX IP Router Firmware 3.1.3683.0/3.3.8.0
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist.
network
low complexity
gira CWE-79
6.1
6.1
2023-06-29 CVE-2023-33277 Path Traversal vulnerability in Gira KNX IP Router Firmware 3.1.3683.0/3.3.8.0
The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversal sequences in the URL.
network
low complexity
gira CWE-22
7.5
7.5