Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Circutor SGE-PLC1000 improper authentication
Vulnerability Description
Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit this vulnerability, the attacker must be within the network where the device affected is located.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
在信任Cookie未进行验证与完整性检查
Vulnerability Title
Circutor SGE-PLC1000授权问题漏洞
Vulnerability Description
Circutor SGE-PLC1000是一个智能计量系统的设备。主要功能是通过CIRWATT电表或其他采用PRIME技术的电表管理市电。 Circutor SGE-PLC1000 固件版本 0.9.2b中存在安全漏洞,该漏洞源于cookie参数认证不当,攻击者可利用该漏洞通过认证并进行操作。
CVSS Information
N/A
Vulnerability Type
N/A