A remote low-privilege attacker can exploit this vulnerability to perform cross-site request forgery (CSRF) attacks. A local low-privilege attacker can exploit this vulnerability to obtain sensitive information. Desigo PXM30-1 (All versions V02.20.126.11-41), Desigo PXM30.E (All versions V02.20.126.11-41), Desigo PXM40-1 (All versions V02.20.126.11-41), Desigo PXM40.E (All versions V02.20.126.11-41), Desigo PXM50-1 (All versions V02.20.126.11-41), Desigo PXM50.E (All versions V02.20.126.11-41) are vulnerable; however, in some cases, the web server may not correctly handle the file types of the input package. These issues have been fixed in the latest firmware version. Desigo PXM30-1 (All versions V02.20.126.11-41), Desigo PXM30.E (All versions V02.20.126.11-41), Desigo PXM40-1 (All versions V02.20.126.11-41), Desigo PXM40.E (All versions V02.20.126.11-41), Desigo PXM
Product Description
Desigo PXM30-1 is a high performance and flexible development platform. It offers more than 50 embedded databases, and it has the capability to support all application types including web, enterprise resource planning (ERP), games and industrial control systems.
Desigo PXM30-1 (All versions V02.20.126.11-41) is vulnerable; however, in some cases, the web server may not correctly handle the file types of the input package. These issues have been fixed in the latest firmware version. Desigo PXM30-1 (All versions V02.20.126.11-41), Desigo PXM30.E (All versions V02.20.126.11-41), Desigo PXM40-1 (All versions V02.20.126.11-41), Desigo PXM40.E (All versions V02.20 126 11 -41), Desigo PXM50 -1 (All versions v02 . 20 126 11 -41) are vulnerable; however, in some cases, the web server may not correctly handle the file types of the input package
Potential Impact
The vulnerability can be exploited to perform cross-site request forgery (CSRF) attacks. A local low-privilege attacker can exploit this vulnerability to obtain sensitive information.
Products and Services Affected
A remote low-privilege attacker can exploit this vulnerability to perform cross-site request forgery (CSRF) attacks. Desigo PXM30-1 (All versions V02.20.126.11-41), Desigo PXM30.E (All versions V02.20.126.11-41), Desigo PXM40-1 (All versions V02.20.126.11-41), Desigo PXM40.E (All versions V02.20.126.11-41), Desigo PXM50-1 (All versions V02.20.126.11-41), Desigo PXM50.E (All versions V02.20
Timeline
Published on: 10/11/2022 11:15:00 UTC
Last modified on: 10/12/2022 17:17:00 UTC