exploitDog

GHSA-7ph6-ch7r-f425

Опубликовано: 09 авг. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product.

Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product.

Ссылки

EPSS

Процентиль: 54%

0.00309

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-918

Связанные уязвимости

CVE-2024-23788

CVSS3: 8.1

nvd

почти 2 года назад

Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product.

EPSS

Процентиль: 54%

0.00309

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-918