cbcvebase.
CVE-2022-29876
published 2022-05-20

CVE-2022-29876: A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly handle the input of a GET request parameter. The…

medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
A vulnerability has been identified in SICAM T (All versions < V3.0). Affected devices do not properly handle the input of a GET request parameter. The provided argument is directly reflected in the web server response. This could allow an unauthenticated attacker to perform reflected XSS attacks.

Affected

37 ranges· showing 25
VendorProductVersion rangeFixed in
siemens7kg8500-0aa00-0aa0_firmware< 3.003.00
siemens7kg8500-0aa00-2aa0_firmware< 3.003.00
siemens7kg8500-0aa10-0aa0_firmware< 3.003.00
siemens7kg8500-0aa10-2aa0_firmware< 3.003.00
siemens7kg8500-0aa30-0aa0_firmware< 3.003.00
siemens7kg8500-0aa30-2aa0_firmware< 3.003.00
siemens7kg8501-0aa01-0aa0_firmware< 3.003.00
siemens7kg8501-0aa01-2aa0_firmware< 3.003.00
siemens7kg8501-0aa02-0aa0_firmware< 3.003.00
siemens7kg8501-0aa02-2aa0_firmware< 3.003.00
siemens7kg8501-0aa11-0aa0_firmware< 3.003.00
siemens7kg8501-0aa11-2aa0_firmware< 3.003.00
siemens7kg8501-0aa12-0aa0_firmware< 3.003.00
siemens7kg8501-0aa12-2aa0_firmware< 3.003.00
siemens7kg8501-0aa31-0aa0_firmware< 3.003.00
siemens7kg8501-0aa31-2aa0_firmware< 3.003.00
siemens7kg8501-0aa32-0aa0_firmware< 3.003.00
siemens7kg8501-0aa32-2aa0_firmware< 3.003.00
siemens7kg8550-0aa00-0aa0_firmware< 3.003.00
siemens7kg8550-0aa00-2aa0_firmware< 3.003.00
siemens7kg8550-0aa10-0aa0_firmware< 3.003.00
siemens7kg8550-0aa10-2aa0_firmware< 3.003.00
siemens7kg8550-0aa30-0aa0_firmware< 3.003.00
siemens7kg8550-0aa30-2aa0_firmware< 3.003.00
siemens7kg8551-0aa01-0aa0_firmware< 3.003.00