VYPR
Critical severity9.4NVD Advisory· Published Jun 24, 2022· Updated Jun 17, 2026

CVE-2022-2105

CVE-2022-2105

Description

Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters.

Affected products

2
  • Secheron/SEPCOS Control and Protection Relay firmware packagev5
    Range: All versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.