CVE-2014-4716

2022-10-0316:20:46

mitre

www.cve.org

thomson

csrf

vulnerability

password

authentication

remote attackers

7.2 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.9%

JSON

Cross-site request forgery (CSRF) vulnerability in Thomson TWG87OUIR allows remote attackers to hijack the authentication of unspecified victims for requests that change passwords via the Password and PasswordReEnter parameters to goform/RgSecurity.

References

osvdb.org/show/osvdb/108397

packetstormsecurity.com/files/127244/Thomson-TWG87OUIR-Cross-Site-Request-Forgery.html

www.exploit-db.com/exploits/33866