Socomec DIRIS Digiware M-70 Cross-Site Request Forgery Vulnerability

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A cross-site request forgery vulnerability exists in the Socomec DIRIS Digiware M-70 that stems...

CVE-2024-53684

A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability...

CVE-2024-48894

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...

CVE-2024-53684

A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability...

CVE-2024-48894

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...

CVE-2024-48894

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...

CVE-2024-53684

A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability...

CVE-2024-48894

CVE-2024-48894 affects Socomec DIRIS Digiware M-70 gateway (version 1.6.9). Talos reports a cleartext transmission in the WEBVIEW-M webserver, allowing an attacker on the same network to sniff traffic and potentially disclose credentials or configuration data due to lack of encryption. The issue ...

CVE-2024-48894

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...

EUVD-2024-55106

A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. An attacker can sniff network traffic to trigger this vulnerability...

CVE-2024-53684

CVE-2024-53684 affects Socomec DIRIS Digiware M-70, specifically the WEBVIEW-M webserver in version 1.6.9. TALOS details a cross-site request forgery (CSRF) where a malicious page can trigger unauthorized access even when a user is authenticated, due to WEBVIEW-M not properly handling requests wi...

CVE-2024-53684

A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability...

EUVD-2024-55107

A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability...

CVE-2024-53684

A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability...

Socomec DIRIS Digiware M-70 安全漏洞

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. The Socomec DIRIS Digiware M-70 suffers from a plaintext transmission vulnerability that...

Socomec DIRIS Digiware M-70 安全漏洞

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A cross-site request forgery vulnerability exists in the Socomec DIRIS Digiware M-70 that stems...

PT-2025-48472

Name of the Vulnerable Software and Affected Versions Socomec DIRIS Digiware M-70 version 1.6.9 Description A cross-site request forgery issue exists within the WEBVIEW-M functionality. A malicious webpage can be used to trigger this issue by sending a specially crafted HTTP request, potentially...

Socomec DIRIS Digiware M-70 WEBVIEW-M cross-site request forgery (CSRF) vulnerability

Talos Vulnerability Report TALOS-2024-2116 Socomec DIRIS Digiware M-70 WEBVIEW-M cross-site request forgery CSRF vulnerability December 1, 2025 CVE Number CVE-2024-53684 SUMMARY A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70...

Socomec DIRIS Digiware M-70 WEBVIEW-M cleartext transmission vulnerability

Talos Vulnerability Report TALOS-2024-2115 Socomec DIRIS Digiware M-70 WEBVIEW-M cleartext transmission vulnerability December 1, 2025 CVE Number CVE-2024-48894 SUMMARY A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially...

Socomec DIRIS Digiware M-70 Modbus RTU over TCP factory reset denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2138 Socomec DIRIS Digiware M-70 Modbus RTU over TCP factory reset denial of service vulnerability December 1, 2025 CVE Number CVE-2025-20085 SUMMARY A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware...