Description
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10 and 22.1s3.
Published: 2024-08-02
Score: 6.1 Medium
EPSS: 1.6% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 04 Nov 2025 17:30:00 +0000

Type Values Removed Values Added
References

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Thu, 31 Oct 2024 08:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Hms-networks
Hms-networks ewon Cosy\+ 4g Apac
Hms-networks ewon Cosy\+ 4g Eu
Hms-networks ewon Cosy\+ 4g Jp
Hms-networks ewon Cosy\+ 4g Na
Hms-networks ewon Cosy\+ Ethernet
Hms-networks ewon Cosy\+ Firmware
Hms-networks ewon Cosy\+ Wifi
Weaknesses CWE-79
CPEs cpe:2.3:h:hms-networks:ewon_cosy\+_4g_apac:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_4g_eu:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_4g_jp:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_4g_na:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_ethernet:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_wifi:-:*:*:*:*:*:*:*
cpe:2.3:o:hms-networks:ewon_cosy\+_firmware:*:*:*:*:*:*:*:*
Vendors & Products Hms-networks
Hms-networks ewon Cosy\+ 4g Apac
Hms-networks ewon Cosy\+ 4g Eu
Hms-networks ewon Cosy\+ 4g Jp
Hms-networks ewon Cosy\+ 4g Na
Hms-networks ewon Cosy\+ Ethernet
Hms-networks ewon Cosy\+ Firmware
Hms-networks ewon Cosy\+ Wifi
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

Sun, 18 Aug 2024 09:30:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 12 Aug 2024 15:30:00 +0000

Type Values Removed Values Added
References

Subscriptions

Hms-networks Ewon Cosy\+ 4g Apac Ewon Cosy\+ 4g Eu Ewon Cosy\+ 4g Jp Ewon Cosy\+ 4g Na Ewon Cosy\+ Ethernet Ewon Cosy\+ Firmware Ewon Cosy\+ Wifi
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-11-04T16:12:15.562Z

Reserved: 2024-04-28T00:00:00.000Z

Link: CVE-2024-33893

cve-icon Vulnrichment

Updated: 2024-08-18T08:02:59.637Z

cve-icon NVD

Status : Modified

Published: 2024-08-02T18:16:18.743

Modified: 2025-11-04T17:15:52.917

Link: CVE-2024-33893

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses