CVE-2021-21803
MEDIUM NUCLEIAdvantech R-SeeNet - Stored Cross-Site Scripting via device_graph_page.php
Title source: llmExploitation Summary
CVE-2021-21803 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.
Nuclei Templates (1)
Advantech R-SeeNet - Cross-Site Scripting
MEDIUMby gy741
Shodan:
http.html:"r-seenet"
FOFA:
body="r-seenet"
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272
Scores
CVSS v3
6.1
EPSS
0.0790
EPSS Percentile
94.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
advantech/r-seenet
2.4.12
Published
Jul 16, 2021
Tracked Since
Feb 18, 2026