Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.
CPE | Name | Operator | Version |
---|---|---|---|
veralite_firmware | eq | 1.5.408 |