← Back

Sgima Lite & Lite+ Firmware

sgima_lite_&_lite+_firmware

Vendor: Idemia • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-4667
1Idemia
6Morphowave Compact Firmware
Morphowave Sp FirmwareSgima Lite & Lite+ Firmware+3 more
Nov 21, 2024
Nov 28, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserv...Show more
The web interface of the PAC Device allows the device administrator user profile to store malicious scripts in some fields. The stored malicious script is then executed when the GUI is opened by any users of the webserver administration interface.  The root cause of the vulnerability is inadequate input validation and output encoding in the web administration interface component of the firmware. This could lead to  unauthorized access and data leakage Show less