CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-9877 – Sensitive information submitted using GET method
https://notcve.org/view.php?id=CVE-2024-9877
30 Apr 2025 — : Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4. • https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-9876 – Application is vulnerable to Privilege escalation
https://notcve.org/view.php?id=CVE-2024-9876
30 Apr 2025 — : Modification of Assumed-Immutable Data (MAID) vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4. • https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-471: Modification of Assumed-Immutable Data (MAID) •
CVSS: 2.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47784 – Unverified Password Change
https://notcve.org/view.php?id=CVE-2024-47784
30 Apr 2025 — Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier. Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI This issue affects ANC software version 1.1.4 and earlier. • https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch • CWE-620: Unverified Password Change •