← Back

Bcu 500 Firmware

bcu_500_firmware

Vendor: Efacec • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-6689
1Efacec
1Bcu 500 Firmware
Nov 21, 2024
Dec 20, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
A successful CSRF attack could force the user to perform state changing requests on the application. If the victim is an administrative account, a CSRF attack could compromise the entire web application.
CVE-2023-50707
1Efacec
1Bcu 500 Firmware
Nov 21, 2024
Dec 20, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
Through the exploitation of active user sessions, an attacker could send custom requests to cause a denial-of-service condition on the device.