Описание
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до b0.1.9.1 (включая)
Одновременно
cpe:2.3:o:sharp:jh-rvb1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sharp:jh-rvb1:*:*:*:*:*:*:*:*
Конфигурация 2Версия до b0.1.9.1 (включая)
Одновременно
cpe:2.3:o:sharp:jh-rv11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sharp:jh-rv11:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00115
Низкий
6.5 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-352
CWE-352
Связанные уязвимости
CVSS3: 6.5
github
больше 1 года назад
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings.
EPSS
Процентиль: 31%
0.00115
Низкий
6.5 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-352
CWE-352