CVE-2018-5303

An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2. The license key parameter of the web application is vulnerable to Cross Site Scripting; this vulnerability allows an attacker to send malicious code to another user.
References
Link Resource
http://blog.isecurion.com/2018/05/09/impinj-speedway-r420-rfid-reader/ Exploit Technical Description Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:impinj:r420_rfid_reader_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:impinj:r420_rfid_reader:-:*:*:*:*:*:*:*

Information

Published : 2018-05-11 14:29

Updated : 2018-06-13 06:40


NVD link : CVE-2018-5303

Mitre link : CVE-2018-5303


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

impinj

  • r420_rfid_reader
  • r420_rfid_reader_firmware