Vulnerabilities > Secheron > Sepcos Control AND Protection Relay Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-24	CVE-2022-1667	Unspecified vulnerability in Secheron Sepcos Control and Protection Relay Firmware 1.23.0/1.24.0/1.25.0 Client-side JavaScript controls may be bypassed by directly running a JS function to reboot the PLC (e.g., from the browser console) or by loading the corresponding, browser accessible PHP script network low complexity secheron	7.5
2022-06-24	CVE-2022-2102	Unrestricted Upload of File with Dangerous Type vulnerability in Secheron Sepcos Control and Protection Relay Firmware 1.23.0/1.24.0/1.25.0 Controls limiting uploads to certain file extensions may be bypassed. network low complexity secheron CWE-434	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.