Cross site request forgery (csrf)

2021-08-0520:15:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.0%

JSON

A vulnerability in the web-based interface allows an unauthenticated remote attacker to trigger actions on an affected system on behalf of another user (CSRF - Cross Site Request Forgery). This requires the victim to be tricked into clicking a malicious link or opening a malicious website while being logged in into the camera.

CPENameOperatorVersion
aviotec_firmwareeq7.61
aviotec_firmwareeq7.72
cpp13_firmwareeq7.75
cpp14_firmwareeq8.00
cpp4_firmwareeq7.10
cpp6_firmwareeq7.60
cpp6_firmwareeq7.61
cpp6_firmwareeq7.70
cpp6_firmwareeq7.80
cpp7.3_firmwareeq7.60

Name	Operator	Version
aviotec_firmware	eq	7.61
aviotec_firmware	eq	7.72
cpp13_firmware	eq	7.75
cpp14_firmware	eq	8.00
cpp4_firmware	eq	7.10
cpp6_firmware	eq	7.60
cpp6_firmware	eq	7.61
cpp6_firmware	eq	7.70
cpp6_firmware	eq	7.80
cpp7.3_firmware	eq	7.60