Socomec DIRIS A-40 devices versions before 48250501 allow a remote attacker to get full access to a device via the /password.jsn URI.
[description]
Password disclosure in the web interface on Socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI.
------------------------------------------
[Vulnerability Type]
Incorrect Access Control
------------------------------------------
[Vendor of Product]
Socomec (https://www.socomec.com)
------------------------------------------
[Affected Product Code Base]
DIRIS A-40 https://www.socomec.com/single-circuit-multifunction-meters_en.html - all versions before ref 48250501
------------------------------------------
[Affected Component]
web interface
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Denial of Service]
true
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[Attack Vectors]
An attacker visiting http://<device ip>/password.jsn can view the device's usernames and passwords in cleartext and use these to get full administrative control over the device.
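As an added example (not part of this advisory), a detection pass over web access log lines that flags requests for the /password.jsn URI; it assumes the meter sits behind a reverse proxy or sensor that logs in Apache combined format, and the sample lines are constructed, not real traffic.

```python
import re
from urllib.parse import urlsplit, unquote

# Apache combined log format (an assumption; the advisory does not say how requests are logged).
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) \S+'
)

EXPOSED_PATH = "/password.jsn"   # URI named in the advisory

def is_password_jsn(target: str) -> bool:
    """True if the request target resolves to /password.jsn, ignoring case,
    query string, URL-encoding and a trailing slash."""
    path = unquote(urlsplit(target).path).rstrip("/")
    return path.lower() == EXPOSED_PATH

def find_disclosures(lines):
    """Return one finding per request for /password.jsn. A 200 means the
    device answered, so credentials were most likely disclosed."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_password_jsn(m["target"]):
            continue
        findings.append({
            "src": m["src"], "time": m["ts"], "status": int(m["status"]),
            "disclosed": m["status"] == "200",
        })
    return findings

# Constructed sample lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Aug/2019:10:01:02 +0000] "GET / HTTP/1.1" 200 1532',
    '203.0.113.9 - - [12/Aug/2019:10:01:07 +0000] "GET /password.jsn HTTP/1.1" 200 211',
    '203.0.113.9 - - [12/Aug/2019:10:01:09 +0000] "GET /PASSWORD.JSN?x=1 HTTP/1.1" 200 211',
    '10.0.0.5 - - [12/Aug/2019:10:02:00 +0000] "GET /password.jsn HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for finding in find_disclosures(SAMPLE_LOG):
        print(finding)
```

Any hit with `disclosed` true on a device below 48250501 should be treated as a credential compromise and the device credentials rotated after the firmware update.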
------------------------------------------
[Has vendor confirmed or acknowledged the vulnerability?]
true
------------------------------------------
[Discoverer]
Jens Timmerman (Mazars)
------------------------------------------
[Reference]
https://www.socomec.com/single-circuit-multifunction-meters_en.html
CVE-2019-15859