exploitDog

GHSA-8p3j-jhwf-33v9

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8

Описание

Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot.

Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot.

Ссылки

EPSS

Процентиль: 43%

0.00211

Низкий

8 High

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2015-7925

CVSS3: 8

nvd

около 10 лет назад

Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot.

EPSS

Процентиль: 43%

0.00211

Низкий

8 High

CVSS3

CVE ID

Дефекты

CWE-352