CVE-2023-41922

EUVD-2023-46399
A 'Cross-site Scripting' (XSS) vulnerability, characterized by improper input neutralization during web page generation, has been discovered. This vulnerability allows for Stored XSS attacks to occur. Multiple areas within the administration interface of the webserver lack adequate input validation, resulting in multiple instances of Stored XSS vulnerabilities.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
kiloviewp1_firmware
-
kiloviewp2_firmware
-
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
kiloviewp1_4g_video_encoder_firmware
𝑥
≤ 4.8.2605
ADP
kiloviewp2_4g_video_encoder_firmware
𝑥
≤ 4.8.2605
ADP
Common Weakness Enumeration
References
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273
https://advisories.ncsc.nl/advisory?id=NCSC-2024-0273