CVE-2024-23788

8.1 HIGH

📋 TL;DR

This CVE describes a server-side request forgery (SSRF) vulnerability in Sharp Energy Management Controllers. An unauthenticated attacker on the same network can force the device to send arbitrary HTTP GET requests to internal or external systems. This affects JH-RVB1 and JH-RV11 controllers running firmware version B0.1.9.1 or earlier.

💻 Affected Systems

Products:
  • Sharp Energy Management Controller JH-RVB1
  • Sharp Energy Management Controller JH-RV11
Versions: B0.1.9.1 and earlier
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with cloud services enabled. Requires network adjacency to the controller.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attacker could pivot to internal systems, access cloud credentials, perform port scanning, or launch attacks against internal services using the device as a proxy.

🟠 Likely Case

Information disclosure from internal HTTP services, reconnaissance of internal network, or limited data exfiltration.

🟢 If Mitigated

Limited to network-adjacent attacks only, with no authentication bypass or code execution on the controller itself.

🌐 Internet-Facing: LOW - The vulnerability requires network adjacency, not internet exposure.
🏢 Internal Only: HIGH - Any attacker on the same network segment can exploit this without authentication.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

No authentication is required, and exploitation involves only simple HTTP request manipulation. Network adjacency is the main requirement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: B0.1.9.2 or later

Vendor Advisory: https://jp.sharp/support/taiyo/info/JVNVU94591337_en.pdf

Restart Required: Yes

Instructions:

1. Download firmware update from Sharp support site.
2. Upload firmware to controller via web interface.
3. Apply update.
4. Reboot controller.

🔧 Temporary Workarounds

Network Segmentation

Isolate energy management controllers on a separate VLAN with strict firewall rules.

Access Control Lists

Implement network ACLs to restrict which devices can communicate with the controllers.

🧯 If You Can't Patch

  • Segment controllers on an isolated network with no internet access
  • Implement strict firewall rules to limit controller communication to only necessary services

🔍 How to Verify

Check if Vulnerable:

Check firmware version via controller web interface or SSH if available. Version B0.1.9.1 or earlier is vulnerable.

Check Version:

Check via web interface at http://[controller-ip]/status or similar endpoint

Verify Fix Applied:

Verify firmware version is B0.1.9.2 or later after update.

📡 Detection & Monitoring

Log Indicators:

  • Unusual HTTP requests originating from controller IP
  • Controller making requests to unexpected internal/external endpoints

Network Indicators:

  • Controller making HTTP GET requests to non-standard ports or internal IPs
  • Unusual outbound traffic patterns from controller

SIEM Query:

source_ip=[controller_ip] AND http_method=GET AND (dst_port!=80 AND dst_port!=443)
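
The log and network indicators above can also be checked offline against exported proxy or flow logs. The following is an added example, not part of the advisory or any vendor material; the log format, controller address and allowlist are assumptions, and the sample lines are constructed.

```python
import ipaddress

# Assumed values for illustration; none of them come from the advisory.
CONTROLLERS = {"10.20.0.5"}          # addresses of the energy management controllers
ALLOWED = {("203.0.113.20", 443)}    # destinations the controller is expected to contact
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
             "127.0.0.0/8", "169.254.0.0/16")]

# Constructed log lines, assumed format: time src dst dst_port method path
SAMPLE_LOG = """\
2024-02-01T10:00:01Z 10.20.0.5 203.0.113.20 443 GET /api/report
2024-02-01T10:00:07Z 10.20.0.5 10.20.0.1 8080 GET /admin
2024-02-01T10:00:09Z 10.20.0.5 192.168.1.10 80 GET /status
2024-02-01T10:00:12Z 10.20.0.77 10.20.0.1 8080 GET /admin
2024-02-01T10:00:15Z 10.20.0.5 198.51.100.9 8443 GET /
malformed line
"""

def flag_controller_requests(log_text, controllers=CONTROLLERS, allowed=ALLOWED):
    """Return (line, reasons) for controller-originated GETs outside the allowlist."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed records
        _, src, dst, port, method, _ = parts
        if src not in controllers or method != "GET":
            continue  # only GET requests sent by a controller are of interest
        try:
            dst_ip, dst_port = ipaddress.ip_address(dst), int(port)
        except ValueError:
            continue  # unparsable address or port
        if (dst, dst_port) in allowed:
            continue  # expected traffic
        reasons = []
        if any(dst_ip in net for net in INTERNAL):
            reasons.append("internal destination")
        if dst_port not in (80, 443):
            reasons.append("non-standard port")
        if not reasons:
            reasons.append("destination not in allowlist")
        findings.append((line, reasons))
    return findings

if __name__ == "__main__":
    for line, reasons in flag_controller_requests(SAMPLE_LOG):
        print(", ".join(reasons), "|", line)
```

Unlike the port-only query, the allowlist check also flags controller requests to unexpected hosts on ports 80 and 443.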
