EUVD-2024-44209

Malicious code in bioql PyPI...

EUVD-2024-44210

Malicious code in bioql PyPI...

Socomec Net Vision Authentication Vulnerability

Socomec Net Vision is a network management solution developed by SOCOMEC for its Uninterruptible Power Supply UPS products to remotely monitor, condition manage and automate the operation of UPS. An authentication vulnerability exists in Socomec Net Vision, which stems from the application's use ...

Socomec Net Vision Cross-Site Request Forgery Vulnerability

Socomec Net Vision is a network management solution developed by SOCOMEC for its Uninterruptible Power Supply UPS products to remotely monitor, condition manage and automate the operation of UPS. Socomec Net Vision suffers from a cross-site request forgery vulnerability that stems from improper...

CVE-2024-4600

Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to lack of proper sanitisation of the ‘setparam.cgi’ file...

CVE-2024-4601

An incorrect authentication vulnerability has been found in Socomec Net Vision affecting version 7.20. This vulnerability allows an attacker to perform a brute force attack on the application and recover a valid session, because the application uses a five-digit integer value...

CVE-2024-4601 Improper Authentication vulnerability in Socomec Net Vision

An incorrect authentication vulnerability has been found in Socomec Net Vision affecting version 7.20. This vulnerability allows an attacker to perform a brute force attack on the application and recover a valid session, because the application uses a five-digit integer value...

CVE-2024-4601

CVE-2024-4601 affects Socomec Net Vision (version 7.20) and is described as an improper authentication vulnerability. The root cause is the use of five‑digit integer values, which enables a brute‑force attack to recover a valid session. Multiple connected records (CNVD/CNNVD/NVD variants) corrobo...

CVE-2024-4601 Improper Authentication vulnerability in Socomec Net Vision

An incorrect authentication vulnerability has been found in Socomec Net Vision affecting version 7.20. This vulnerability allows an attacker to perform a brute force attack on the application and recover a valid session, because the application uses a five-digit integer value...

CVE-2024-4600 Cross-Site Request Forgery vulnerability in Socomec Net Vision

Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to lack of proper sanitisation of the ‘setparam.cgi’ file...

CVE-2024-4600

CVE-2024-4600 affects Socomec Net Vision (version 7.20). A CSRF vulnerability arises from improper cleanup/sanitisation of the set_param.cgi file, enabling an attacker to trick registered users into performing critical actions such as adding or updating accounts. Exploitation details are not prov...

CVE-2024-4600 Cross-Site Request Forgery vulnerability in Socomec Net Vision

Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to lack of proper sanitisation of the ‘setparam.cgi’ file...

Socomec Net Vision 授权问题漏洞

Socomec Net Vision is a network management solution developed by SOCOMEC for its Uninterruptible Power Supply UPS products to remotely monitor, condition manage and automate the operation of UPS. An authentication vulnerability exists in Socomec Net Vision, which stems from the application's use ...

SOCOMEC MODULYS GP (UPDATE A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : SOCOMEC Equipment : MODULYS GP Vulnerability : Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain sensitive...