CVE-2019-5616


03/15/2019

CVE-2019-5616

CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user’s web browser.

Attack vector: 
Network

Product: 
broadcastboxes: scion-8_firmware

References: 
https://blog.rapid7.com/2019/03/12/r7-2019-01-circuitwerkes-sicon-8-client-side-authentication-read-only-bypass-cve-2019-5616/

Severity: 
Medium

CVSS Score: 
5.0

CVSS Vector: 
(AV:N/AC:L/Au:N/C:P/I:N/A:N)



Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *