CVE-2024-33893
- Reference to the description:
- Description:
- Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10 and 22.1s3.
- Last updated date:
- 10/31/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 09/03/2024
- Reference url to background
https://blog.syss.com/posts/hacking-a-secure-industrial-remote-access-gateway/