Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:h:rockwellautomation:1734-aentr_point_i\/o_dual_port_network_adaptor_series_b:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-14504 |
The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings. Published: February 24, 2022; 2:15:08 PM -0500 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2020-14502 |
The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface. Published: February 24, 2022; 2:15:08 PM -0500 |
V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |