CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
34.9%
Cross-site request forgery (CSRF) vulnerability in MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni prior to Ver.1.11.00, and MAHO-PBX NetDevancer MobileGate Home/Office prior to Ver.1.11.00 allows a remote unauthenticated attacker to hijack the user authentication and conduct user’s unintended operations by having a user to view a malicious page while logged in.
Vendor | Product | Version | CPE |
---|---|---|---|
ate-mahoroba | maho-pbx_netdevancer_firmware | * | cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_firmware:*:*:*:*:lite:*:*:* |
ate-mahoroba | maho-pbx_netdevancer | - | cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer:-:*:*:*:lite:*:*:* |
ate-mahoroba | maho-pbx_netdevancer_vsg_firmware | * | cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_vsg_firmware:*:*:*:*:lite:*:*:* |
ate-mahoroba | maho-pbx_netdevancer_vsg | - | cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer_vsg:-:*:*:*:lite:*:*:* |
ate-mahoroba | maho-pbx_netdevancer_mobilegate_firmware | * | cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_mobilegate_firmware:*:*:*:*:home:*:*:* |
ate-mahoroba | maho-pbx_netdevancer_mobilegate | - | cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer_mobilegate:-:*:*:*:home:*:*:* |
ate-mahoroba | maho-pbx_netdevancer_firmware | * | cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_firmware:*:*:*:*:uni:*:*:* |
ate-mahoroba | maho-pbx_netdevancer | - | cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer:-:*:*:*:uni:*:*:* |
ate-mahoroba | maho-pbx_netdevancer_firmware | * | cpe:2.3:o:ate-mahoroba:maho-pbx_netdevancer_firmware:*:*:*:*:pro:*:*:* |
ate-mahoroba | maho-pbx_netdevancer | - | cpe:2.3:h:ate-mahoroba:maho-pbx_netdevancer:-:*:*:*:pro:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
34.9%