Rifartek: Security Vulnerabilities
RIFARTEK IOT Wall has a vulnerability of incorrect authorization. An authenticated remote attacker with general user privilege is allowed to perform specific privileged function to access and modify all sensitive data.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-03-27
RIFARTEK IOT Wall transportation function has insufficient filtering for user input. An authenticated remote attacker with general user privilege can inject JavaScript to perform reflected XSS (Reflected Cross-site scripting) attack.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-03-27