CVE-2015-3950

2015-06-0510:00:00

icscert

www.cve.org

AI Score

Confidence

Low

EPSS

0.001

Percentile

40.5%

JSON

Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that select a different default admin user via a GET request.

References

www.securityfocus.com/bid/75032

ics-cert.us-cert.gov/advisories/ICSA-15-155-01