Real Time Automation 460MCBS 5.2.14 Cross Site Scripting ≈ Packet Storm

Real Time Automation 460MCBS 5.2.14 Cross Site Scripting ≈ Packet Storm

Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]

Real Time Automation 460MCBS 5.2.14 Cross Site Scripting[6]
Authored by Yehia Elghaly[7]

Real Time Automation 460MCBS version 5.2.14 suffers from a cross site scripting vulnerability.

SHA-256 | e1dc34de8b2c48ae9d510a786be692096f905dcd83110ee1571b13b3cdfb035b

Change Mirror[11] Download[12]

        Exploit Title:  Real Time Automation 460MCBS Cross Site Scripting (XSS)
Date: 2023-03-09
Exploit Author: Yehia Elghaly
Vendor Homepage:
Software Link:
Version: Revision 5.2.14
Tested on: Real Time Automation
Summary: The Real Time Automation 460MCBS moves data between up to 32 Modbus TCP Servers and a BACnet/IP Building Automation System (BAS). It’s a perfect tool to tie Modbus TCP power meters, boilers, chillers and other devices into your BACnet/IP Building Automation System
Description: The attacker can able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.: XSS found on when insert a payload after(/)
Payload: ?c12yy<script>alert('XSSYF')</script>p1ax8=1
[Affected Component]

Login[13] or Register[14] to add favorites

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa

File Tags

File Archives


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services[119]
Hosting By

Pensée du jour :

Ce que l'homme a fait ,

l'homme peut le défaire.


"No secure path in the world"