What the vulnerability does

01Description

The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unauthenticated attacker could store a malicious script within the web interface that, when executed, could modify some string values on the homepage of the web interface.

Key dates

02Disclosure timeline

February 24, 2022 CVE published
April 17, 2025 Record updated