Honeywell Falcon Xlweb Linux Controller vulnerabilities
2 known vulnerabilities affecting honeywell/falcon_xlweb_linux_controller.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-2717P3HIGHCVSS 7.6≤ 2.04.012014-07-24
CVE-2014-2717 [HIGH] CVE-2014-2717: Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe contro
Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page.
nvd
CVE-2014-3110P4MEDIUMCVSS 4.3PoC≤ 2.04.012014-07-24
CVE-2014-3110 [MEDIUM] CWE-79 CVE-2014-3110: Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devic
Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input.
nvd