CVE-2023-34412
Stored XXS vulnerability in mbnet, mbnet.rokey, REX 200 and REX 250
Severity Score
4.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an
authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-06-05 CVE Reserved
- 2023-08-17 CVE Published
- 2024-07-17 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://cert.vde.com/en/advisories/VDE-2023-012 | Third Party Advisory | |
| https://cert.vde.com/en/advisories/VDE-2023-029 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Helmholz Search vendor "Helmholz" | Rex 250 Firmware Search vendor "Helmholz" for product "Rex 250 Firmware" | < 7.3.2 Search vendor "Helmholz" for product "Rex 250 Firmware" and version " < 7.3.2" | - |
Affected
| in | Helmholz Search vendor "Helmholz" | Rex 250 Search vendor "Helmholz" for product "Rex 250" | - | - |
Safe
|
| Helmholz Search vendor "Helmholz" | Rex 200 Firmware Search vendor "Helmholz" for product "Rex 200 Firmware" | < 7.3.2 Search vendor "Helmholz" for product "Rex 200 Firmware" and version " < 7.3.2" | - |
Affected
| in | Helmholz Search vendor "Helmholz" | Rex 200 Search vendor "Helmholz" for product "Rex 200" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 210 Firmware Search vendor "Redlion" for product "Mbnet.rokey Rkh 210 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet.rokey Rkh 210 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 210 Search vendor "Redlion" for product "Mbnet.rokey Rkh 210" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 216 Firmware Search vendor "Redlion" for product "Mbnet.rokey Rkh 216 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet.rokey Rkh 216 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 216 Search vendor "Redlion" for product "Mbnet.rokey Rkh 216" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 235 Firmware Search vendor "Redlion" for product "Mbnet.rokey Rkh 235 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet.rokey Rkh 235 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 235 Search vendor "Redlion" for product "Mbnet.rokey Rkh 235" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 259 Firmware Search vendor "Redlion" for product "Mbnet.rokey Rkh 259 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet.rokey Rkh 259 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet.rokey Rkh 259 Search vendor "Redlion" for product "Mbnet.rokey Rkh 259" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 811 Firmware Search vendor "Redlion" for product "Mbnet Mdh 811 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 811 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 811 Search vendor "Redlion" for product "Mbnet Mdh 811" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 850 Firmware Search vendor "Redlion" for product "Mbnet Mdh 850 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 850 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 850 Search vendor "Redlion" for product "Mbnet Mdh 850" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 871 Firmware Search vendor "Redlion" for product "Mbnet Mdh 871 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 871 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 871 Search vendor "Redlion" for product "Mbnet Mdh 871" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 831 Firmware Search vendor "Redlion" for product "Mbnet Mdh 831 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 831 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 831 Search vendor "Redlion" for product "Mbnet Mdh 831" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 855 Firmware Search vendor "Redlion" for product "Mbnet Mdh 855 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 855 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 855 Search vendor "Redlion" for product "Mbnet Mdh 855" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 876 Firmware Search vendor "Redlion" for product "Mbnet Mdh 876 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 876 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 876 Search vendor "Redlion" for product "Mbnet Mdh 876" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 858 Firmware Search vendor "Redlion" for product "Mbnet Mdh 858 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 858 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 858 Search vendor "Redlion" for product "Mbnet Mdh 858" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 816 Firmware Search vendor "Redlion" for product "Mbnet Mdh 816 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 816 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 816 Search vendor "Redlion" for product "Mbnet Mdh 816" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 841 Firmware Search vendor "Redlion" for product "Mbnet Mdh 841 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 841 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 841 Search vendor "Redlion" for product "Mbnet Mdh 841" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 859 Firmware Search vendor "Redlion" for product "Mbnet Mdh 859 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 859 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 859 Search vendor "Redlion" for product "Mbnet Mdh 859" | - | - |
Safe
|
| Redlion Search vendor "Redlion" | Mbnet Mdh 835 Firmware Search vendor "Redlion" for product "Mbnet Mdh 835 Firmware" | < 7.3.2 Search vendor "Redlion" for product "Mbnet Mdh 835 Firmware" and version " < 7.3.2" | - |
Affected
| in | Redlion Search vendor "Redlion" | Mbnet Mdh 835 Search vendor "Redlion" for product "Mbnet Mdh 835" | - | - |
Safe
|