GCVE - cpe:2.3:o:gira:knx_ip_router_firmware:3.1.3683.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:gira:knx_ip_router_firmware:3.1.3683.0:*:*:*:*:*:*:*

part: o version: 3.1.3683.0 update: *

Vendor	Gira (`6767f3d1-1d18-5177-aaf5-132cb8fccd43`)
Product	Knx Ip Router Firmware (`8ec8a673-93d0-55a5-8860-63318875d686`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-33277`	vulnerable	2026-06-08 06:06:22.165235	Details available The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversal sequences in the URL. Published: 2023-06-29T00:00:00.000Z Updated: 2024-11-27T15:41:09.342Z Open on db.gcve.eu Reference links https://www.syss.de/en/responsible-disclosure-policy https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-015.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-33276`	vulnerable	2026-06-08 06:06:22.164064	Details available The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a "404 - Not Found" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without context-sensitive HTML encoding, it is vulnerable to reflective cross-site scripting (XSS). Published: 2023-06-30T00:00:00.000Z Updated: 2024-11-26T19:49:35.286Z Open on db.gcve.eu Reference links https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-016.txt https://www.syss.de/en/responsible-disclosure-policy	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.