CVE-2024-55040 Information
Jul 22, 2025
cve
Description
Cross Site Scripting vulnerability in Sensaphone WEB600 Monitoring System v.1.6.5.H and before allows a remote attacker to execute arbitrary code via a crafted GET requests to /@.xml placing payloads in the g7200 g7300 g4601 and g1F02 parameters.
Reference
https://github.com/tcbutler320/Sensaphone-WEB600-XSS https://sensaphone.com/products/sensaphone-web600-monitoring-system https://vulmon.com/vulnerabilitydetails?qid=CVE-2024-55040
Related CNNVD
CNNVD-202507-2661 (Published: 2025-07-21)
Share on: