CVE-2015-7925

High CVSS 8.0

Overview

Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware through 10.1s0 allows remote attackers to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot.

CWE: CWE-352 Published: 2015-12-23T11:59:01.143

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.0 (HIGH)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags