CVE-2018-0679

Name of the Vulnerable Software and Affected Versions FXC Inc. Managed Ethernet switch FXC5210/5218/5224 versions prior to Ver1.00.22 FXC Inc. Managed Ethernet switch FXC5426F versions prior to Ver1.00.06 FXC Inc. Managed Ethernet switch FXC5428 versions prior to Ver1.00.07 FXC Inc. Power over Ethernet (PoE) switch FXC5210PE/5218PE/5224PE versions prior to Ver1.00.14 FXC Inc. Wireless LAN router AE1021/AE1021PE all versions

Description A cross-site scripting issue affects multiple FXC Inc. network devices, allowing an attacker with administrator rights to inject arbitrary web script or HTML via the administrative page.

Recommendations For FXC Inc. Managed Ethernet switch FXC5210/5218/5224 versions prior to Ver1.00.22, update to version Ver1.00.22 or later. For FXC Inc. Managed Ethernet switch FXC5426F versions prior to Ver1.00.06, update to version Ver1.00.06 or later. For FXC Inc. Managed Ethernet switch FXC5428 versions prior to Ver1.00.07, update to version Ver1.00.07 or later. For FXC Inc. Power over Ethernet (PoE) switch FXC5210PE/5218PE/5224PE versions prior to Ver1.00.14, update to version Ver1.00.14 or later. For FXC Inc. Wireless LAN router AE1021/AE1021PE, at the moment, there is no information about a newer version that contains a fix for this issue.