CNNVD-202511-481 Information

CNNVD ID

CNNVD-202511-481

Related CVE

CVE-2025-64302

• CNNVD Published: 2025-11-06

Description (Chinese)

Advantech DeviceOn/iEdge是中国台湾研华（Advantech）公司的一个边缘设备远程管理与运维平台。 Advantech DeviceOn/iEdge存在跨站脚本漏洞，该漏洞源于仪表板标签或路径输入清理不足，可能导致信息泄露或数据篡改。

Description (English)

Advantech DeviceOn/iEdge is a remote management and transport platform for peripheral equipment of the Chinese company Advantech. Advantech DeviceOn/iEdge has a cross-site script loophole, which results from inadequate dashboard tags or path input clean-up, which may lead to information leaks or data manipulation.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

研华

Published

2025-11-06

Last Modified

2026-02-24

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-310-01.json https://www.advantech.com/emt/contact https://www.cisa.gov/news-events/ics-advisories/icsa-25-310-01