CVE-2020-12512

CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-12512" target="_blank" rel="noopener" rel="noreferrer"> CVE-2020-12512
Published: Jan 22, 2021
Updated: Apr 13, 2023
Exploit:

Description

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting

Software	From	Fixed in
pepperl-fuchs / io-link_master_4-eip_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_8-eip_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_8-eip-l_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_dr-8-eip_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_dr-8-eip-p_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_dr-8-eip-t_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_4-pnio_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_8-pnio_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_8-pnio-l_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_dr-8-pnio_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_dr-8-pnio-p_firmware	-	1.5.48.x
pepperl-fuchs / io-link_master_dr-8-pnio-t_firmware	-	1.5.48.x