CISA has published an advisory on cross-site scripting and path traversal vulnerabilities in SAE IT-systems FW-50 Remote Telemetry Unit (RTU). FW-50 RTU, Series: 5 Series; CPU-type: CPU-5B; Hardware Revision: 2; CPLD Revision: 6 is affected. Successful exploitation of these vulnerabilities may allow an attacker to execute remote code, disclose sensitive information, or cause a denial-of-service condition. SAE IT-systems has provided options for addressing these vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.