Lucene search
+L
SharpJh-rvb1 Firmware

7 matches found

cve
cve
added 2024/02/14 10:8 a.m.95 views

CVE-2024-23786

CVE-2024-23786 affects the Sharp Energy Management Controller with Cloud Services (JH-RVB1/JH-RV11, Ver.B0.1.9.1 and earlier). The vulnerability is a stored cross-site scripting issue that allows a network-adjacent unauthenticated attacker to cause arbitrary script execution in a user’s browser w...

9.3CVSS6.7AI score0.00786EPSS
cve
cve
added 2024/02/14 10:9 a.m.83 views

CVE-2024-23787

The SHARP Energy Management Controller with Cloud Services (models JH-RVB1 / JH-RV11) versions B0.1.9.1 and earlier are affected by a path traversal vulnerability that allows a network-adjacent, unauthenticated attacker to obtain arbitrary files outside the web root. Root cause: improper handling...

7.5CVSS6.9AI score0.00892EPSS
cve
cve
added 2024/02/14 10:2 a.m.79 views

CVE-2024-23783

CVE-2024-23783 affects Sharp Energy Management Controller with Cloud Services (JH-RVB1/JH-RV11) up to Ver.B0.1.9.1. The vulnerability is described as improper authentication allowing a network-adjacent unauthenticated attacker to access the product without authentication. Public sources in the co...

8.8CVSS7AI score0.00519EPSS
cve
cve
added 2024/02/14 10:5 a.m.79 views

CVE-2024-23784

The CVE-2024-23784 issue affects SHARP Energy Management Controller with Cloud Services (JH-RVB1/JH-RV11) up to Ver.B0.1.9.1, where improper access control could allow a network-adjacent, unauthenticated attacker to view a username and its hashed password on the product’s management page. The SHA...

6.5CVSS6.9AI score0.00393EPSS
cve
cve
added 2024/02/14 10:10 a.m.76 views

CVE-2024-23788

CVE-2024-23788 affects Sharp Energy Management Controller with Cloud Services (JH-RV11/B0.1.9.1 and earlier). The issue is a server-side request forgery (SSRF) allowing a network-adjacent, unauthenticated attacker to send arbitrary HTTP GET requests from the affected device. Impact is high for co...

9.1CVSS7AI score0.0081EPSS
cve
cve
added 2024/02/14 10:35 a.m.76 views

CVE-2024-23789

The CVE-2024-23789 issue affects SHARP Energy Management Controller with Cloud Services (JH-RVB1 / JH-RV11) versions B0.1.9.1 and earlier. Affected component is the OS command execution via a network-adjacent, unauthenticated attacker. The Red Hat/Red team documents corroborate “OS command inject...

9.8CVSS7.4AI score0.01176EPSS
cve
cve
added 2024/02/14 10:7 a.m.70 views

CVE-2024-23785

The CVE-2024-23785 entry concerns Sharp Energy Management Controller with Cloud Services (JH-RVB1/JH-RV11) affected up to Ver.B0.1.9.1. The vulnerability is a Cross-site Request Forgery (CSRF) that enables a remote unauthenticated attacker to change product settings. Documents from multiple sourc...

6.5CVSS7AI score0.00357EPSS