本ページは sharp jh-rvb1_firmware に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-23789 | Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command on the affected product. | [email protected] | 8.8 | 1.18% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23788 | Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product. | [email protected] | 8.1 | 0.81% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23787 | Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to obtain an arbitrary file in the affected product. | [email protected] | 6.5 | 0.89% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23786 | Cross-site scripting vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the management page of the affected product. | [email protected] | 9.3 | 0.79% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23785 | Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings. | [email protected] | 6.5 | 0.36% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23784 | Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product. | [email protected] | 6.5 | 0.39% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23783 | Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication. | [email protected] | 8.8 | 0.52% | 2024-02-14 | 2026-06-17 |