Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Modbuspal Project Subscribe
Filtered by product Modbuspal
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10832 1 Modbuspal Project 1 Modbuspal 2018-06-13 4.3 MEDIUM 5.5 MEDIUM
ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp files and automations can be exported as .xmpa files, both XML-based, which are vulnerable to XXE injection. Sending a crafted .xmpp or .xmpa file to a user, when opened/imported in ModbusPal, will return the contents of any local files to a remote attacker.