CVE-2024-4600 Information

Description

Cross-Site Request Forgery vulnerability in Socomec Net Vision version 7.20. This vulnerability could allow an attacker to trick registered users into performing critical actions such as adding and updating accounts due to lack of proper sanitisation of the ‘set_param.cgi’ file.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-socomec-net-vision