• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

andover_continuum_bcx9640_firmware

CVE-2020-7480

February 26, 2023 by

A CWE-94: Improper Control of Generation of Code (‘Code Injection’) vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application’s processing of XML data.

CVE-2020-7481

February 26, 2023 by

A CWE-79:Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists Andover Continuum (All versions), which could enable a successful Cross-site Scripting (XSS attack) when using the products’ web server.

CVE-2020-7482

February 26, 2023 by

A CWE-79:Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists Andover Continuum (All versions), which could cause a Reflective Cross-site Scripting (XSS attack) when using the products’ web server.

CVE-2019-6853

February 26, 2023 by

A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum (models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702) , which could enable a successful Cross-site Scripting (XSS attack) when using the products web server.

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE