11 matches found
CVE-2026-2491
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
Socomec socomec DIRIS A-40 访问控制错误漏洞
Socomec DIRIS A-40 is an electrical device designed by the French company Socomec for power metering and monitoring. The Socomec DIRIS A-40 has a vulnerability related to access control, which stems from insufficient authentication in the Web API implementation. This vulnerability could allow...
CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2026-2491 Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
PT-2026-22052
Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2019-15859
Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI...
Socomec DIRIS A-40 Password Disclosure Vulnerability
Socomec DIRIS A-40 is a network management solution developed by SOCOMEC for its Uninterruptible Power Supply UPS products to enable remote monitoring, condition management and automated operation of UPS. A password disclosure vulnerability exists in Socomec DIRIS A-40, which arises from errors...
CVE-2019-15859
Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI...
CVE-2019-15859
Socomec DIRIS A-40 devices (firmware versions before 48250501) are vulnerable to a password-disclosure flaw in the web interface that allows a remote attacker to gain full access via the /password.jsn URI. The issue stems from an incorrect or insufficient access-control path in the web interface,...
CVE-2019-15859
Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI...
Socomec DIRIS A-40 Password Disclosure
description Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. ------------------------------------------ Vulnerability Type Incorrect Access Control...