CVE-2021-21799 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in Advantech R-SeeNet affects v. 2.4.12.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Url
Toolbox
-
Advantech R-SeeNet is a software program that enables users to connect and manage their remote devices from a central location. The software is specifically designed for the needs of industrial applications, including security cameras, access control systems, and environmental monitoring devices. With R-SeeNet, users can monitor and control these devices in real-time, ensuring optimal performance and quick problem resolution. The software also offers advanced features such as event logging, video playback, and remote firmware upgrades.
Unfortunately, despite its advanced functionality, R-SeeNet is not without its vulnerabilities. One such vulnerability is the recently detected CVE-2021-21799. This vulnerability exists in the telnet_form.php script functionality of the software. If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. This can provide an attacker with access to sensitive information and control over the device, leading to potentially disastrous consequences.
When exploited, the CVE-2021-21799 vulnerability can lead to a variety of consequences. Attackers can use this vulnerability to execute malicious scripts on devices, steal sensitive information, and gain unauthorized access to restricted areas. This can have serious consequences for security and safety, especially in industrial settings where lives and livelihoods are at stake. In addition, this vulnerability can be used as a launching point for further attacks, allowing attackers to infiltrate other parts of the system and potentially cause even more damage.
Thanks to the pro features of the s4e.io platform, those who read this article can easily and quickly learn about vulnerabilities in their digital assets. With the help of the platform, users can identify and prioritize vulnerabilities, obtain detailed vulnerability reports, and receive proactive threat intelligence. The platform also offers expert guidance and support to help users implement effective security measures and protect against potential threats. By using the s4e.io platform, users can ensure the safety and security of their devices and networks, and reduce the risk of data breaches and cyberattacks.
REFERENCES