CNNVD-202507-072 Information

CNNVD ID

CNNVD-202507-072

Related CVE

CVE-2025-34080

• CNNVD Published: 2025-07-01

Description (Chinese)

Contec CONPROSYS HMI System是日本Contec公司的一个基于 HTML5 技术的 HMI（人机界面）/SCADA（监控和数据采集）软件产品。 Contec CONPROSYS HMI System 3.7.7之前版本存在安全漏洞，该漏洞源于getqsetting.php存在跨站脚本。

Description (English)

Contec CONPROSYS HMI Systems is a HMI (human interface)/SCADA (monitoring and data collection) software product based on HTML5 technology from Contec, Japan. There was a security loophole in the previous version of Contec CONPROSYS HMI System 3.7.7 from the presence of a cross-site script in Getqsetting.php.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Contec

Published

2025-07-01

Last Modified

2026-02-24

References

https://jvn.jp/en/vu/JVNVU92266386/ https://access.redhat.com/security/cve/cve-2025-34080

Patch

https://www.contec.com/products-services/daq-control/iiot-conprosys/cps-software/chs/support/#section