2 matches found
CVE-2017-14011
CVE-2017-14011 affects the ProMinent MultiFLEX M10a Controller web interface. The vulnerability is a Cross-Site Request Forgery arising from insufficient verification of requests in the application, which may allow an attacker to perform unauthorized actions and change the device configuration. A...
ProMinent MultiFLEX M10a Controller
CVSS v3 8.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: ProMinent Equipment: MultiFLEX M10a Controller Vulnerabilities: Client-Side Enforcement of Server-Side Security, Insufficient Session Expiration, Cross-Site Request Forgery, Information Exposure, and Unverified Passwo...