Siemens : Security Vulnerabilities, CVEs, Published In 2017 (CSRF)
The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF.
Max CVSS
8.8
EPSS Score
0.13%
Published
2017-03-29
Updated
2017-07-12
The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request.
Max CVSS
8.8
EPSS Score
0.19%
Published
2017-02-27
Updated
2017-07-17
2 vulnerabilities found