CVE-2026-29510
- EPSS 0.05%
- Veröffentlicht 16.03.2026 16:56:21
- Zuletzt bearbeitet 10.04.2026 17:46:37
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device Name field. Attackers can inject malicious scripts ...
CVE-2026-29513
- EPSS 0.05%
- Veröffentlicht 16.03.2026 16:56:06
- Zuletzt bearbeitet 10.04.2026 17:44:34
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device Location field. Attackers can inject malicious scri...
CVE-2026-29520
- EPSS 0.03%
- Veröffentlicht 16.03.2026 16:55:52
- Zuletzt bearbeitet 10.04.2026 17:43:45
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a reflected cross-site scripting vulnerability in the Network Diagnosis ping function that allows attackers to execute arbitrary JavaScript. Attackers can craft malicious links with injecte...
CVE-2026-29521
- EPSS 0.03%
- Veröffentlicht 16.03.2026 16:55:34
- Zuletzt bearbeitet 10.04.2026 17:42:56
Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a cross-site request forgery vulnerability that allows attackers to modify device configuration by exploiting missing CSRF protections in setup.cgi. Attackers can host malicious pages that ...