exploitDog

CVE-2008-5382

Опубликовано: 09 дек. 2008

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in I-O DATA DEVICE HDL-F160, HDL-F250, HDL-F300, and HDL-F320 firmware before 1.02 allows remote attackers to (1) change a configuration or (2) delete files as an authenticated user via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:i-o_data:hlf-f160:*:*:*:*:*:*:*:*

cpe:2.3:h:i-o_data:hlf-f250:*:*:*:*:*:*:*:*

cpe:2.3:h:i-o_data:hlf-f300:*:*:*:*:*:*:*:*

cpe:2.3:h:i-o_data:hlf-f320:*:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00261

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-85qq-vf84-rfg4

github

больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in I-O DATA DEVICE HDL-F160, HDL-F250, HDL-F300, and HDL-F320 firmware before 1.02 allows remote attackers to (1) change a configuration or (2) delete files as an authenticated user via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

EPSS

Процентиль: 49%

0.00261

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352