Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 26.0%.
RCE
Denial Of Service
Information Disclosure
Dixell Xweb 500 Firmware
NVD
VulDB
CVSS 3.1
9.8
EPSS
26.0%
Threat
4.2