CVE-2022-2105
Secheron SEPCOS Control and Protection Relay
Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Produtos afetados
Secheron · SEPCOS Control and Protection Relay firmware packageQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →