Cross site request forgery (csrf)

2023-09-2715:18:00

PRIOn knowledge base

www.prio-n.com

cross site request forgery

web ssh session

gateways

vulnerable

nvd

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.6%

JSON

An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks.

CPENameOperatorVersion
access_controllereq2.1.1.2303271039 

CPE	Name	Operator	Version
	access_controller	eq	2.1.1.2303271039

References

blog.kscsc.online/cves/202335793/md.html

github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH

www.cassianetworks.com/products/iot-access-controller/