Daniel Peck

**Name of the Vulnerable Software and Affected Versions** Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module (affected versions not specified) **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the web interface of the affected module. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module (affected versions not specified) **Description** The issue concerns an open redirect vulnerability in the web interface. This vulnerability allows remote attackers to redirect users to arbitrary web sites, which can be used to conduct phishing attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module (affected versions not specified) **Description** The issue allows remote attackers to obtain internal web page information and internal information about the module via unspecified vectors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.