CVE-2022-2105
Secheron SEPCOS Control and Protection Relay
Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Productos afectados
Secheron · SEPCOS Control and Protection Relay firmware package¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →