Vulnerabilities > Sharp > JH Rv11 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2024-23784 Unspecified vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware
Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product.
low complexity
sharp
6.5
2024-02-14 CVE-2024-23785 Cross-Site Request Forgery (CSRF) vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings.
network
low complexity
sharp CWE-352
6.5
2024-02-14 CVE-2024-23787 Path Traversal vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware
Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to obtain an arbitrary file in the affected product.
low complexity
sharp CWE-22
6.5