Описание
Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:h:sharp:aquos_hn-pp150:-:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:sharp:aquos_hn-pp150_firmware:1.02.00.04:*:*:*:*:*:*:*
cpe:2.3:o:sharp:aquos_hn-pp150_firmware:1.03.01.04:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
4.3 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users.
EPSS
Процентиль: 19%
0.00061
Низкий
4.3 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-352