Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if an attacker changes the cookie values.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
Vulnerability Type
在安全决策中依赖未经验证和完整性检查的Cookie
Vulnerability Title
Landis+Gyr E850 安全漏洞
Vulnerability Description
Landis+Gyr E850是Landis+Gyr公司的一款高精度电表,专为发电厂、光伏发电、陆上和海上风电场、输电网络、变电站、铁路基础设施以及并网商业和工业消费者而设计。 Landis+Gyr E850 (ZMQ200)存在安全漏洞,该漏洞源于web应用程序导航取决于会话cookie的值,如果攻击者更改cookie值,则用户可能无法访问web应用程序。
CVSS Information
N/A
Vulnerability Type
N/A