Socomec Net Vision Cross-Site Request Forgery Vulnerability

Socomec Net Vision is a network management solution developed by SOCOMEC for its Uninterruptible Power Supply UPS products to remotely monitor, condition manage and automate the operation of UPS. Socomec Net Vision suffers from a cross-site request forgery vulnerability that stems from improper...

CVE-2024-4600

Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to lack of proper sanitisation of the ‘setparam.cgi’ file...

CVE-2024-4600 Cross-Site Request Forgery vulnerability in Socomec Net Vision

Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to lack of proper sanitisation of the ‘setparam.cgi’ file...

CVE-2024-4600

CVE-2024-4600 affects Socomec Net Vision (version 7.20). A CSRF vulnerability arises from improper cleanup/sanitisation of the set_param.cgi file, enabling an attacker to trick registered users into performing critical actions such as adding or updating accounts. Exploitation details are not prov...

The vulnerability of the /usr/local/sbin/webproject/set_param.cgi script in the Infiray IRAY-A8Z3 thermal imager software allows a intruder to escalate their privileges.

The vulnerability of the /usr/local/sbin/webproject/setparam.cgi file in the Infiray IRAY-A8Z3 thermal imager software is related to the use of pre-set user credentials. Exploiting this vulnerability could allow an attacker to gain increased privileges remotely...