CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-5303

An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The license key parameter of the web application is vulnerable to Cross Site Scripting; this vulnerability allows an attacker to send malicious code to another user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.0%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

http://blog.isecurion.com/2018/05/09/impinj-speedway-r420-rfid-reader/
http://blog.isecurion.com/2018/05/09/impinj-speedway-r420-rfid-reader/

Products affected by CVE-2018-5303

Impinj » R420 Rfid Reader » Version: N/A

cpe:2.3:h:impinj:r420_rfid_reader:-
Impinj » R420 Rfid Reader Firmware » Version: Any

cpe:2.3:o:impinj:r420_rfid_reader_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-5303

Products

Pricing

Contact Us