Vulnerabilities > Sharp > JH Rv11 Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-14 | CVE-2024-23784 | Unspecified vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product. low complexity sharp | 6.5 |
2024-02-14 | CVE-2024-23785 | Cross-Site Request Forgery (CSRF) vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings. | 6.5 |
2024-02-14 | CVE-2024-23787 | Path Traversal vulnerability in Sharp Jh-Rv11 Firmware and Jh-Rvb1 Firmware Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to obtain an arbitrary file in the affected product. | 6.5 |