Vendor
Rle
Products
4
CVEs
3
Across products
3
Status
Private
Products
4- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-7278 | Med | 0.40 | 6.1 | 0.01 | Feb 21, 2018 | An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP. | ||
| CVE-2018-7277 | Med | 0.40 | 6.1 | 0.01 | Feb 21, 2018 | An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP. | ||
| CVE-2015-3951 | 0.00 | — | 0.01 | Jun 13, 2015 | RLE Nova-Wind Turbine HMI devices store cleartext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors. |
- risk 0.40cvss 6.1epss 0.01
An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP.
- risk 0.40cvss 6.1epss 0.01
An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device's BACnet implementation. This is similar to a Cross Protocol Injection with SNMP.
- CVE-2015-3951Jun 13, 2015risk 0.00cvss —epss 0.01
RLE Nova-Wind Turbine HMI devices store cleartext credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.