Vulnerability Database

309,465

Total vulnerabilities in the database

CVE-2016-1488

Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on Siemens OZW OZW672 devices before 6.00 and OZW772 devices before 6.00 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

  • Published: Jan 30, 2016
  • Updated: Nov 9, 2025
  • CVE: CVE-2016-1488
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
siemens / ozw672_firmware - 5.2.x
siemens / ozw772_firmware - 5.2.x