| |
Vulnerability CVE-2021-27418
Published: 2022-03-23
| Description: |
GE UR firmware versions prior to version 8.1x supports web interface with read-only access. The device fails to properly validate user input, making it possible to perform cross-site scripting attacks, which may be used to send a malicious script. Also, UR Firmware web server does not perform HTML encoding of user-supplied strings. |
References: |
https://www.cisa.gov/uscert/ics/advisories/icsa-21-075-02
https://www.gegridsolutions.com/Passport/Login.aspx
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
