ГлавнаяУязвимости → CVE-2024-23788
8.1высокая

CVE-2024-23788

Описание

Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product.

Затрагиваемое ПО
Sharp Jh-rvb1 firmwareSharp Jh-rvb1Sharp Jh-rv11 firmwareSharp Jh-rv11
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
https://jp.sharp/support/taiyo/info/JVNVU94591337_en.pdfhttps://jp.sharp/support/taiyo/info/JVNVU94591337_jp.pdfhttps://jvn.jp/en/vu/JVNVU94591337/https://jp.sharp/support/taiyo/info/JVNVU94591337_en.pdfhttps://jp.sharp/support/taiyo/info/JVNVU94591337_jp.pdfhttps://jvn.jp/en/vu/JVNVU94591337/