CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-24432

Persistent cross-site scripting (XSS) in the web interface of ipDIO allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into specific fields. The XSS payload will be executed when a legitimate user attempts to upload, copy, download, or delete an existing configuration (Administrative Services).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.6%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 3.5

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-062-01
https://www.cisa.gov/uscert/ics/advisories/icsa-22-062-01

Products affected by CVE-2022-24432

Ipcomm » Ipdio » Version: N/A

cpe:2.3:h:ipcomm:ipdio:-
Ipcomm » Ipdio Firmware » Version: 3.9

cpe:2.3:o:ipcomm:ipdio_firmware:3.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-24432

Products

Pricing

Contact Us