Cross-Site Scripting Vulnerabilities in Honeywell FALCON XLWeb Devices
CVE-2014-3110

Currently unrated

Key Information:

Vendor

Honeywell

Status
Falcon Xlweb Linux Controller
Falcon Xlweb Xlwebexe
Vendor
CVE Published:
24 July 2014

What is CVE-2014-3110?

Honeywell FALCON XLWeb devices have multiple cross-site scripting vulnerabilities that could allow remote attackers to inject arbitrary web scripts or HTML through invalid input. This issue affects specific versions of the FALCON XLWeb Linux and XLWebExe controller devices, leading to potential unauthorized actions or information disclosure if exploited.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-175-01
x_refsource_MISC
https://www.exploit-db.com/exploits/44749/
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/68838
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.