← back
CVE-2021-33842

Circutor SGE-PLC1000 improper authentication

CVSS 8.8 HIGHEPSS 0.4%CWE-565
Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit this vulnerability, the attacker must be within the network where the device affected is located.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Circutor · SGE-PLC1000

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-improper-authentication