VYPR

XWEB-500

by Emerson

CVEs (2)

  • CVE-2021-45420Feb 14, 2022
    risk 0.07cvss epss 0.26

    Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism,…

  • CVE-2021-45421Feb 14, 2022
    risk 0.00cvss epss 0.02

    Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or…