CNNVD-202510-4391 Information

CNNVD ID

CNNVD-202510-4391

Related CVE

CVE-2025-64386

• CNNVD Published: 2025-10-31

Description (Chinese)

Circutor TCPRS1plus是西班牙Circutor公司的一款通信转换器。 Circutor TCPRS1plus存在安全漏洞，该漏洞源于Web服务器允许攻击者在合法会话活动期间重用旧的JWT令牌，可能导致会话劫持和安全参数修改。

Description (English)

Circutor TCPRS1plus is a communication converter for the Spanish company Circutor. Circutor TCPRS1plus has a security loophole, which stems from the fact that the Web server allows the assailant to reuse the old JWT during a legitimate session, which may lead to the hijacking of a session and to the modification of security parameters.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CIRCUTOR

Published

2025-10-31

Last Modified

2026-02-24

References

https://circutor.com/productos/iot-industrial-y-automatizacion/conversores-y-pasarelas/product/D80010./ https://access.redhat.com/security/cve/cve-2025-64386

Patch

https://circutor.com/productos/iot-industrial-y-automatizacion/conversores-y-pasarelas/product/D80010./