VDB

CVE-2022-43376

CVE-2022-43376 PUBLISHED CVSS 7.599999904632568 HIGH

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 (V4.7.0 and prior)

EPSS 0.54% · 68.1th percentile

Risk Scores

CVSS 3.1
7.599999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
EPSS Score
0.54%
68.1th percentile

Affected Products

VendorProductVersions
schneider-electricnetbotz_455_firmware4.0.0
schneider-electricnetbotz_450_firmware4.0.0
schneider-electricnetbotz_355_firmware4.0.0
schneider-electricnetbotz_570_firmware4.0.0
schneider-electricnetbotz_550_firmware4.0.0
Schneider ElectricNetBotz 4 - 355/450/455/550/570V4.7.0 and prior

Timeline

  • Apr 18, 2023 CVE Published
  • Apr 19, 2023 EPSS Score
  • May 26, 2023 EPSS Score
  • Jul 3, 2023 EPSS Score
  • Aug 9, 2023 EPSS Score
  • Sep 16, 2023 EPSS Score
  • Oct 23, 2023 EPSS Score
  • Nov 30, 2023 EPSS Score
  • Jan 6, 2024 EPSS Score
  • Feb 13, 2024 EPSS Score
  • Mar 21, 2024 EPSS Score
  • Apr 28, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›