Cross site request forgery (csrf)

2019-05-0718:29:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.2%

JSON

The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF.

CPENameOperatorVersion
fl_switch_3004t-fx_firmwarege1.0
fl_switch_3004t-fx_firmwarele1.34
fl_switch_3004t-fx_st_firmwarege1.0
fl_switch_3004t-fx_st_firmwarele1.34
fl_switch_3005_firmwarege1.0
fl_switch_3005_firmwarele1.34
fl_switch_3005t_firmwarege1.0
fl_switch_3005t_firmwarele1.34
fl_switch_3006t-2fx_firmwarege1.0
fl_switch_3006t-2fx_firmwarele1.34

Name	Operator	Version
fl_switch_3004t-fx_firmware	ge	1.0
fl_switch_3004t-fx_firmware	le	1.34
fl_switch_3004t-fx_st_firmware	ge	1.0
fl_switch_3004t-fx_st_firmware	le	1.34
fl_switch_3005_firmware	ge	1.0
fl_switch_3005_firmware	le	1.34
fl_switch_3005t_firmware	ge	1.0
fl_switch_3005t_firmware	le	1.34
fl_switch_3006t-2fx_firmware	ge	1.0
fl_switch_3006t-2fx_firmware	le	1.34