3 matches found
CVE-2022-2105 Secheron SEPCOS Control and Protection Relay
Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters...
CVE-2022-2105 Secheron SEPCOS Control and Protection Relay
Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters...
CVE-2022-2105
CVE-2022-2105 affects Secheron SEPCOS Control and Protection Relay. Affected firmware: SEPCOS Single Package before 1.23.22, before 1.24.8, and before 1.25.3. Vulnerability: Improper Enforcement of Behavioral Workflow (CWE-841) allowing bypass of client-side JavaScript controls to change credenti...