Profitap Blog

Recent Posts

Stay up to date



Return to Blog

X2-Series Firmware v0.13.6 and x0.13.7 Security Notice

 

X2-Series Security Notice & Firmware v0.13.6 and x0.13.7

 

Potentially affected products
X2-Series NPBs (any version).
 
Non-affected products
All other Profitap products.
 
Scope of the vulnerability:
The Profitap X2-Manager Web-UI on X2-Series NPBs through 0.13.3 allows reflected Cross-site Scripting.
 
While this vulnerability doesn't impact the X2-Series devices directly, it can allow a malicious link to inject arbitrary HTML and JavaScript code into the back-end response.
 
Profitap has released X2-Series firmware images v0.13.6 and x0.13.7 to address this risk.
 
Profitap recommends updating the X2-Series devices as soon as possible and, as precautionary means, changing login credentials using a robust and unique password.