VYPR

DIRIS A-40

by Socomec

CVEs (2)

  • CVE-2019-15859CriOct 9, 2019
    risk 0.66cvss 9.8epss 0.34

    Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI.

  • CVE-2026-2491Mar 13, 2026
    risk 0.00cvss epss 0.00

    Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. …