Vulnerabilities (CVE)

Filtered by vendor Sharp Subscribe
Filtered by product Jh-rvb1
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-23785 1 Sharp 4 Jh-rv11, Jh-rv11 Firmware, Jh-rvb1 and 1 more 2024-10-27 N/A 6.5 MEDIUM
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings.
CVE-2024-23786 1 Sharp 4 Jh-rv11, Jh-rv11 Firmware, Jh-rvb1 and 1 more 2024-10-17 N/A 9.3 CRITICAL
Cross-site scripting vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the management page of the affected product.
CVE-2024-23784 1 Sharp 4 Jh-rv11, Jh-rv11 Firmware, Jh-rvb1 and 1 more 2024-10-17 N/A 6.5 MEDIUM
Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product.
CVE-2024-23783 1 Sharp 4 Jh-rv11, Jh-rv11 Firmware, Jh-rvb1 and 1 more 2024-10-17 N/A 8.8 HIGH
Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication.