PT-2019-15246 · Comtech · Comtech H8 Heights Remote Gateway

Capitan Alfalo

Publicado

2019-10-17

Atualizado

2026-01-02

CVE-2019-17667

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Comtech H8 Heights Remote Gateway version 2.5.1

Description The issue allows for XSS and HTML injection attacks through the SiteName field.

Recommendations For Comtech H8 Heights Remote Gateway version 2.5.1, avoid using the SiteName field until a fix is available. As a temporary workaround, consider validating and sanitizing user input for the SiteName field to prevent XSS and HTML injection attacks.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2019-17667

Produtos afetados

Comtech H8 Heights Remote Gateway

PT-2019-15246 · Comtech · Comtech H8 Heights Remote Gateway

CVE-2019-17667

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4