Vulnerability Details CVE-2018-18997
Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-18997
-
cpe:2.3:h:abb:gate-e1:-
-
cpe:2.3:h:abb:gate-e2:-
-
cpe:2.3:o:abb:gate-e1_firmware:-
-
cpe:2.3:o:abb:gate-e2_firmware:-