PT-2025-35555 · Unknown · E3 Site Supervisor Control
Armis Labs
·
Published
2025-09-02
·
Updated
2025-09-02
·
CVE-2025-52546
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
E3 Site Supervisor Control versions prior to 2.31F01
Description
E3 Site Supervisor Control’s floor plan feature allows an unauthenticated attacker to upload floor plan files. Uploading a specially crafted floor plan file can lead to a stored cross-site scripting (XSS) condition on the floorplan web page.
Recommendations
Update E3 Site Supervisor Control to version 2.31F01 or later.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
E3 Site Supervisor Control