Server-side request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to send an arbitrary HTTP request (GET) from the affected product.
[
{
"cpes": [
"cpe:2.3:a:sharp_corporation:energy_management_controller_with_cloud_services:*:*:*:*:*:*:*:*"
],
"vendor": "sharp_corporation",
"product": "energy_management_controller_with_cloud_services",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "jh-rvb1_ver.b0.1.9.1",
"versionType": "custom"
},
{
"status": "affected",
"version": "0",
"lessThan": "jh-rv11_ver.b0.1.9.1",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]