CISA has published an advisory on reflected cross-site scripting, stored cross-site scripting, cross-site request forgery, hidden functionality, and use of unmaintained third-party components vulnerabilities in Red Lion N-Tron 702-W and 702M12-W. All versions of both products are affected. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to sensitive information, execute system commands, and perform actions in the context of an attacked user. Red Lion’s 702-W Series was discontinued in 2018 and cannot be updated. Red Lion recommends these products be used locally within a secure network. CISA recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.