1 results (0.003 seconds)

CVSS: 10.0EPSS: 19%CPEs: 2EXPL: 0

Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. La divulgación de la contraseña en la interfaz web de los dispositivos socomec DIRIS A-40 versiones anteriores a 48250501, permite que un atacante remoto consiga acceso completo a un dispositivo por medio del URI /password.jsn. Socomec DIRIS A-40 devices versions before 48250501 allow a remote attacker to get full access to a device via the /password.jsn URI. • http://packetstormsecurity.com/files/154764/Socomec-DIRIS-A-40-Password-Disclosure.html http://seclists.org/fulldisclosure/2019/Oct/10 https://www.socomec.com/single-circuit-multifunction-meters_en.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •