PT-2021-20344 · Circutor · Circutor SGE-PLC1000

Aarón Flecha Menéndez · Published 2021-06-09 · Updated 2023-11-23 · CVE-2021-33842

CVSS v3.1: 8.8 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Circutor SGE-PLC1000 version 0.9.2b
Description: The issue allows an attacker to perform operations as an authenticated user due to an improper authentication vulnerability in the cookie parameter. To exploit this, the attacker must be within the network where the affected device is located.
Recommendations: For Circutor SGE-PLC1000 version 0.9.2b, as a temporary workaround, consider restricting access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

CVE-2021-33842

Affected Products

Circutor SGE-PLC1000