PT-2023-3377 · Siemens · Power Meter Sicam Q100+1

Published: 2023-06-13 · Updated: 2024-01-09 · CVE-2023-30901

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

POWER METER SICAM Q100 versions prior to V2.60
POWER METER SICAM Q200 (affected versions not specified)

Description

The web interface of the affected devices is vulnerable to Cross-Site Request Forgery (CSRF) attacks. By tricking an authenticated victim user into clicking a malicious link, a remote attacker could perform arbitrary actions on the device on behalf of the victim user.

Recommendations

For POWER METER SICAM Q100 versions prior to V2.60, update to version V2.60 or later to resolve the issue. For POWER METER SICAM Q200, there is currently no information about a newer version that contains a fix for this vulnerability.

CSRF

Weakness Enumeration

Related Identifiers

BDU:2023-03541
CVE-2023-30901

Affected Products

Power Meter Sicam Q100
Power Meter Sicam Q200