Описание
Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to obtain an arbitrary file in the affected product.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до b0.1.9.1 (включая)
Одновременно
cpe:2.3:o:sharp:jh-rvb1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sharp:jh-rvb1:-:*:*:*:*:*:*:*
Конфигурация 2Версия до b0.1.9.1 (включая)
Одновременно
cpe:2.3:o:sharp:jh-rv11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sharp:jh-rv11:-:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.00805
Низкий
6.5 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
больше 1 года назад
Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to obtain an arbitrary file in the affected product.
EPSS
Процентиль: 74%
0.00805
Низкий
6.5 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-22
CWE-22