← Back to home
ICSA-15-246-01  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Cogent DataHub Code Injection Vulnerability

CVSS 7.5 HIGH

CVEs (1)

Remediations

  • Cogent has fixed this vulnerability in Version 7.3.9 of DataHub. This is a free upgrade for any customer running V7.x. Cogent advises that customers running versions prior to Version 7.3.9 do one of the following: Upgrade to Cogent DataHub Version 7.3.9 from: (http://www.cogentdatahub.com/Download_Software.html), or Disable the web server component in the Cogent DataHub installation, or Configure network security to block access to the Cogent DataHub web server from untrusted locations, or Delete the file: C:\Program files (x86)\Cogent\Cogent DataHub\require\AJAXSupport.g and then re-start the Cogent DataHub process.

Affected Vendors

Cogent

Affected Products (1)

Cogent · Cogent DataHub <=7.3.8

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more