Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-Site Request Forgery vulnerability in Socomec Net Vision
Vulnerability Description
Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to lack of proper sanitisation of the ‘set_param.cgi’ file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Socomec Net Vision 跨站请求伪造漏洞
Vulnerability Description
Socomec Net Vision是法国溯高美索克曼(Socomec)公司的一个网络适配器。用于对单个和模块化 UPS 或并联 UPS 系统进行专业监控和远程控制。 Socomec Net Vision 7.20 版本存在跨站请求伪造漏洞,该漏洞源于 set_param.cgi 缺乏适当的清理,允许攻击者诱骗注册用户执行关键操作,例如添加和更新帐户。
CVSS Information
N/A
Vulnerability Type
N/A