Описание
An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. Locus Energy meters use a PHP script to manage the energy meter parameters for voltage monitoring and network configuration. The PHP code does not properly validate information that is sent in the POST request.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:locusenergy:lgate_firmware:-:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:locusenergy:lgate_100:-:*:*:*:*:*:*:*
cpe:2.3:h:locusenergy:lgate_101:-:*:*:*:*:*:*:*
cpe:2.3:h:locusenergy:lgate_120:-:*:*:*:*:*:*:*
cpe:2.3:h:locusenergy:lgate_320:-:*:*:*:*:*:*:*
cpe:2.3:h:locusenergy:lgate_50:-:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00875
Низкий
8.6 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 8.6
github
больше 3 лет назад
An issue was discovered in Locus Energy LGate prior to 1.05H, LGate 50, LGate 100, LGate 101, LGate 120, and LGate 320. Locus Energy meters use a PHP script to manage the energy meter parameters for voltage monitoring and network configuration. The PHP code does not properly validate information that is sent in the POST request.
EPSS
Процентиль: 75%
0.00875
Низкий
8.6 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20