Bkg Professional Ntripcaster
Monthly
Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions <=2.0.44. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions <=2.0.44. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.