CVE-2012-5053
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting (XSS) vulnerability in the Receiver Web User Interface on Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, and NetR9 before 4.70, and NetRS before 1.3-2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el Receiver Web User Interface en Trimble Infrastructure GNSS Series Receivers NetR3, NetR5, NetR8, y NetR9 antes de v4.70, y NetR5 antes de v1.3-2, que permite a atacantes remotos inyectar un script web o HTML a través de vectores sin especificar.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-09-21 CVE Reserved
- 2013-01-16 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-01/0063.html | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Netr3 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Netr3" | - | - |
Affected
| in | Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Firmware Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" | < 4.7.0 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" and version " < 4.7.0" | - |
Safe
|
| Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Netr5 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Netr5" | - | - |
Affected
| in | Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Firmware Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" | < 4.7.0 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" and version " < 4.7.0" | - |
Safe
|
| Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Netr8 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Netr8" | - | - |
Affected
| in | Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Firmware Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" | < 4.7.0 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" and version " < 4.7.0" | - |
Safe
|
| Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Netr9 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Netr9" | - | - |
Affected
| in | Trimble Search vendor "Trimble" | Infrastructure Gnss Series Receiver Firmware Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" | < 4.7.0 Search vendor "Trimble" for product "Infrastructure Gnss Series Receiver Firmware" and version " < 4.7.0" | - |
Safe
|
| Trimble Search vendor "Trimble" | Infrastructure Netrs Receiver Search vendor "Trimble" for product "Infrastructure Netrs Receiver" | - | - |
Affected
| in | Trimble Search vendor "Trimble" | Infrastructure Netrs Receiver Firmware Search vendor "Trimble" for product "Infrastructure Netrs Receiver Firmware" | < 1.3-2 Search vendor "Trimble" for product "Infrastructure Netrs Receiver Firmware" and version " < 1.3-2" | - |
Safe
|