Cross site request forgery (csrf)

2022-05-0414:15:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.5%

JSON

Cross-Site Request Forgery (CSRF) vulnerability in Web UI of Secomea GateManager allows phishing attacker to issue get request in logged in user session.

CPENameOperatorVersion
gatemanager_4250_firmwarelt9.7.622134021
gatemanager_4260_firmwarelt9.7.622134021
gatemanager_8250_firmwarelt9.7.622134021
gatemanager_9250_firmwarelt9.7.622134021

Name	Operator	Version
gatemanager_4250_firmware	lt	9.7.622134021
gatemanager_4260_firmware	lt	9.7.622134021
gatemanager_8250_firmware	lt	9.7.622134021
gatemanager_9250_firmware	lt	9.7.622134021

References

www.secomea.com/support/cybersecurity-advisory/