Vulnerabilities > Rittal > CMC PU III 7030 000 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-09-09 CVE-2021-40222 OS Command Injection vulnerability in Rittal CMC PU III 7030.000 Firmware 3.11.002/3.15.704
Rittal CMC PU III Web management Version affected: V3.11.00_2.
network
low complexity
rittal CWE-78
7.2
7.2
2021-09-09 CVE-2021-40223 Cross-site Scripting vulnerability in Rittal CMC PU III 7030.000 Firmware 3.11.002/3.15.704
Rittal CMC PU III Web management (version V3.11.00_2) fails to sanitize user input on several parameters of the configuration (User Configuration dialog, Task Configuration dialog and set logging filter dialog).
network
low complexity
rittal CWE-79
5.4
5.4
2020-10-01 CVE-2019-19393 Cross-site Scripting vulnerability in Rittal CMC PU III 7030.000 Firmware 3.11.002/3.15.704
The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page.
network
low complexity
rittal CWE-79
6.1
6.1