Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-jf8c-97vf-m8j5

Опубликовано: 09 фев. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 6.9
CVSS3: 6.1

Описание

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.

This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites.

The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.

This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites.

The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

EPSS

Процентиль: 17%
0.00051
Низкий

6.9 Medium

CVSS4

6.1 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

CVSS3: 6.1
nvd
4 месяца назад

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04

CVSS3: 5.8
fstec
4 месяца назад

Уязвимость SCADA-системы FAST/TOOLS, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес

EPSS

Процентиль: 17%
0.00051
Низкий

6.9 Medium

CVSS4

6.1 Medium

CVSS3

Дефекты

CWE-601