VYPR

1734-AENTR

by Rockwellautomation

CVEs (2)

  • CVE-2020-14502Feb 24, 2022
    risk 0.00cvss epss 0.01

    The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.

  • CVE-2020-14504Feb 24, 2022
    risk 0.00cvss epss 0.01

    The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST requests. A remote, unauthenticated attacker can send a crafted request that may allow for modification of the configuration settings.