Описание
A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:socomec:diris_m-70_firmware:1.6.9:*:*:*:*:*:*:*
cpe:2.3:h:socomec:diris_m-70:-:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00064
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 7.5
github
2 месяца назад
A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to unauthorized access. An attacker can stage a malicious webpage to trigger this vulnerability.
EPSS
Процентиль: 20%
0.00064
Низкий
7.5 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-352