Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-34412

A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS).

Published

2023-08-17T14:15:09.700

Last Modified

2024-11-21T08:07:11.220

Status

Undergoing Analysis

Source

[email protected]

Severity

CVSSv3.1: 4.8 (MEDIUM)

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	helmholz	rex_250_firmware	< 7.3.2	Yes
Hardware	helmholz	rex_250	-	No
Operating System	helmholz	rex_200_firmware	< 7.3.2	Yes
Hardware	helmholz	rex_200	-	No
Operating System	redlion	mbnet.rokey_rkh_210_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet.rokey_rkh_210	-	No
Operating System	redlion	mbnet.rokey_rkh_216_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet.rokey_rkh_216	-	No
Operating System	redlion	mbnet.rokey_rkh_235_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet.rokey_rkh_235	-	No
Operating System	redlion	mbnet.rokey_rkh_259_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet.rokey_rkh_259	-	No
Operating System	redlion	mbnet_mdh_811_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_811	-	No
Operating System	redlion	mbnet_mdh_850_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_850	-	No
Operating System	redlion	mbnet_mdh_871_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_871	-	No
Operating System	redlion	mbnet_mdh_831_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_831	-	No
Operating System	redlion	mbnet_mdh_855_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_855	-	No
Operating System	redlion	mbnet_mdh_876_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_876	-	No
Operating System	redlion	mbnet_mdh_858_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_858	-	No
Operating System	redlion	mbnet_mdh_816_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_816	-	No
Operating System	redlion	mbnet_mdh_841_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_841	-	No
Operating System	redlion	mbnet_mdh_859_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_859	-	No
Operating System	redlion	mbnet_mdh_835_firmware	< 7.3.2	Yes
Hardware	redlion	mbnet_mdh_835	-	No

References

https://cert.vde.com/en/advisories/VDE-2023-012/ Third Party Advisory ([email protected])
https://cert.vde.com/en/advisories/VDE-2023-029/ Third Party Advisory ([email protected])
https://cert.vde.com/en/advisories/VDE-2023-012/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://cert.vde.com/en/advisories/VDE-2023-029/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)