Skip to main content

Opc Toolbox

2 CVEs product

Monthly

CVE-2021-29661 MEDIUM POC This Month

Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opc Toolbox
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-29660 HIGH POC This Week

A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox through 4.10.1.13035 allows attackers to reset the administrative password by inducing the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Opc Toolbox
NVD
CVSS 3.1
8.8
EPSS
0.6%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.html Stored XSS via the ITEMLISTVALUES##ITEMID parameter, resulting in JavaScript payload injection into the trace file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Opc Toolbox
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.html in Softing AG OPC Toolbox through 4.10.1.13035 allows attackers to reset the administrative password by inducing the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Opc Toolbox
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy