Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. There is no CSRF Token generated per page or per function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Meteocontrol WEB'log产品跨站请求伪造漏洞
Vulnerability Description
Meteocontrol WEB'log Basic 100等都是德国Meteocontrol公司的用于集中记录光伏系统所有数据的数据记录器。 Meteocontrol WEB'log中存在跨站请求伪造漏洞。攻击者可利用该漏洞执行未授权操作。以下版本受到影响:Meteocontrol WEB'log Basic 100所有版本、Light所有版本、Pro所有版本及Pro Unlimited所有版本。
CVSS Information
N/A
Vulnerability Type
N/A