CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-5880

When the Genie Company Aladdin Connect garage door opener (Retrofit-Kit Model ALDCM) is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allows the attacker to inject malicious code with client side Java Script and/or HTML into the users' web browser.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.8%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.rapid7.com/blog/post/2024/01/03/genie-aladdin-connect-retrofit-garage-door-opener-multiple-vulnerabilities/
https://www.rapid7.com/blog/post/2024/01/03/genie-aladdin-connect-retrofit-garage-door-opener-multiple-vulnerabilities/

Products affected by CVE-2023-5880

Geniecompany » Aladdin Connect Garage Door Opener » Version: N/A

cpe:2.3:h:geniecompany:aladdin_connect_garage_door_opener:-
Geniecompany » Aladdin Connect Garage Door Opener Firmware » Version: Any

cpe:2.3:o:geniecompany:aladdin_connect_garage_door_opener_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5880

Products

Pricing

Contact Us