CVE-2024-4600

Name of the Vulnerable Software and Affected Versions Socomec Net Vision version 7.20

Description The issue is related to a Cross-Site Request Forgery vulnerability. This could allow an attacker to trick registered users into performing critical actions, such as adding and updating accounts, due to the lack of proper sanitisation of the set param.cgi file.

Recommendations For Socomec Net Vision version 7.20, consider disabling access to the set param.cgi file until a patch is available to prevent exploitation of this issue. Restricting user privileges to minimize the impact of potential unauthorized actions is also recommended. At the moment, there is no information about a newer version that contains a fix for this vulnerability.