Honeywell MCR Web Controller Cross Site Scripting / Path Disclosure
Posted by deepcore on November 12, 2019 – 2:00 pm
Honeywell MCR Web Controller suffers from cross site scripting and path disclosure vulnerabilities. Versions affected include XL1000C50 EXCEL WEB 52 I/O, XL1000C500 EXCEL WEB 300 I/O, XL1000C100 EXCEL WEB 104 I/O, XL1000C1000 EXCEL WEB 600 I/O, XL1000C50U EXCEL WEB 52 I/O UUKL, XL1000C500U EXCEL WEB 300 I/O UUKL, XL1000C100U EXCEL WEB 104 I/O UUKL, and XL1000C1000U EXCEL WEB 600 I/O UUKL.
Post a reply
You must be logged in to post a comment.