Two vulnerabilities were found in the ABB GATE E1/E2 devices. These findings include a total lack of authentication for the administrative interfaces on the device, as well as an unauthenticated persistent Cross-Site Scripting vulnerability. As a result of these findings, ABB has put the GATE-E2 in End-of-Life. The E1 device was already in EoL.

https://applied-risk.com/application/files/8615/4505/6727/Advisory_AR2018008_-_ABB_GATE_E1-E2_Multiple_Vulnerabilities_1.0.pdf