The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HWestermo L206 F2g
HWWestermowszystkie wersjeWestermo L206 F2g Firmware
OSWestermo4.24
Related vulnerabilities
A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that c...
An attacker with access to the network where the affected devices are located could maliciously act...
An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting ...
An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce...
An attacker with access to the web application that has the vulnerable software could introduce arbitrary J...