Описание
Cross-site request forgery (CSRF) vulnerability on the eSoft InstaGate EX2 UTM device before firmware 3.1.20070615 allows remote attackers to perform privileged actions as administrators. NOTE: the vendor disputes the distribution of the vulnerable software, stating that it was a custom build for a former customer
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:esoft:instagate_ex2_utm:firmware_3.1.20031001:*:*:*:*:*:*:*
cpe:2.3:h:esoft:instagate_ex2_utm:firmware_3.1.20060921:*:*:*:*:*:*:*
cpe:2.3:h:esoft:instagate_ex2_utm:firmware_3.1.20070605:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02378
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
** DISPUTED ** Cross-site request forgery (CSRF) vulnerability on the eSoft InstaGate EX2 UTM device before firmware 3.1.20070615 allows remote attackers to perform privileged actions as administrators. NOTE: the vendor disputes the distribution of the vulnerable software, stating that it was a custom build for a former customer.
EPSS
Процентиль: 85%
0.02378
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other