Vulnerability Details CVE-2018-5304
An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The affected web interface is vulnerable to ClickJacking or UI Redressing: it is possible to access the web application in an iframe, and clicking on the iframe will redirect to a third-party application or perform other malicious actions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.1%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
References
Products affected by CVE-2018-5304
-
cpe:2.3:h:impinj:r420_rfid_reader:-
-
cpe:2.3:o:impinj:r420_rfid_reader_firmware:*