What the vulnerability does

01Description

Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.

Key dates

02Disclosure timeline

January 3, 2019 CVE published
August 5, 2024 Record updated