Vulnerabilities > CVE-2024-23788 - Server-Side Request Forgery (SSRF) vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware

047910
CVSS 8.1 - HIGH
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
NONE
low complexity
sharp
CWE-918

Summary

Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product.

Vulnerable Configurations

Part Description Count
OS
Sharp
2
Hardware
Sharp
2

Common Weakness Enumeration (CWE)