An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The license key parameter of the web application is vulnerable to Cross Site Scripting; this vulnerability allows an attacker to send malicious code to another user.
References
Link | Resource |
---|---|
http://blog.isecurion.com/2018/05/09/impinj-speedway-r420-rfid-reader/ | Exploit Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2018-05-11 14:29
Updated : 2018-06-13 06:40
NVD link : CVE-2018-5303
Mitre link : CVE-2018-5303
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
impinj
- r420_rfid_reader
- r420_rfid_reader_firmware