{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T11:50:36.206","vulnerabilities":[{"cve":{"id":"CVE-2022-40190","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-10-31T21:15:12.660","lastModified":"2024-11-21T07:21:01.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials."},{"lang":"es","value":"La versión 2.7.1 del firmware moduWeb de SAUTER Controls es vulnerable a Cross-Site Scripting (XSS) Reflejado. La aplicación web no sanitiza adecuadamente las cadenas de solicitud de JavaScript malicioso. Un atacante que utilice XSS podría ejecutar código malicioso en los navegadores de los usuarios y robar información confidencial, incluidas las credenciales de los usuarios.\n"}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sauter-controls:moduweb_firmware:2.7.1:*:*:*:*:*:*:*","matchCriteriaId":"1FFA6229-43BC-4D22-90EC-EEE5711D229F"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-300-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}