CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-47560

The lack of web request control on ekorCCP and ekorRCI devices allows a potential attacker to create custom requests to execute malicious actions when a user is logged in.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.0%

CVSS Severity

CVSS v3 Score 5.7

References

https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products

Products affected by CVE-2022-47560

Ormazabal » Ekorccp » Version: N/A

cpe:2.3:h:ormazabal:ekorccp:-
Ormazabal » Ekorrci » Version: N/A

cpe:2.3:h:ormazabal:ekorrci:-
Ormazabal » Ekorccp Firmware » Version: 601j

cpe:2.3:o:ormazabal:ekorccp_firmware:601j
Ormazabal » Ekorrci Firmware » Version: 601j

cpe:2.3:o:ormazabal:ekorrci_firmware:601j

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-47560

Products

Pricing

Contact Us