Skip to main content

Diris A 40 Firmware

1 CVEs product

Monthly

CVE-2019-15859 CRITICAL POC THREAT Act Now

Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Diris A 40 Firmware
NVD
CVSS 3.1
9.8
EPSS
34.1%
EPSS 34% CVSS 9.8
CRITICAL POC THREAT Act Now

Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Diris A 40 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy