This page lists publicly disclosed CVE vulnerabilities affecting sharp jh-rvb1_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-23789 | Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command on the affected product. | [email protected] | 8.8 | 1.18% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23788 | Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product. | [email protected] | 8.1 | 0.81% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23787 | Path traversal vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to obtain an arbitrary file in the affected product. | [email protected] | 6.5 | 0.89% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23786 | Cross-site scripting vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the management page of the affected product. | [email protected] | 9.3 | 0.79% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23785 | Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings. | [email protected] | 6.5 | 0.36% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23784 | Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product. | [email protected] | 6.5 | 0.39% | 2024-02-14 | 2026-06-17 |
| CVE-2024-23783 | Improper authentication vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to access the affected product without authentication. | [email protected] | 8.8 | 0.52% | 2024-02-14 | 2026-06-17 |