Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Socomec MOD3GP-SY-120K Reliance on Cookies without Validation and Integrity Checking
Vulnerability Description
Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
在信任Cookie未进行验证与完整性检查
Vulnerability Title
Socomec MODULYS GP 安全漏洞
Vulnerability Description
Socomec MODULYS GP是法国溯高美索克曼(Socomec)公司的一个绿色电源设备。 Socomec MODULYS GP 存在安全漏洞,该漏洞源于 Web 应用程序中的会话管理不正确,攻击者可以窃取会话 cookie,以执行 Web 应用程序允许在设备上执行的多种操作。
CVSS Information
N/A
Vulnerability Type
N/A