An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration.
[
{
"product": "BINOM3 Electric Power Quality Meter",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BINOM3 Electric Power Quality Meter"
}
]
}
]