2 matches found
CVE-2017-9381
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a user with the capability of installing or deleting apps on the device using the web management interface. It seems that the device does not implement any cross-site request forgery protection...
CVE-2017-9381
Vera VeraEdge (1.7.19) and Veralite (1.7.481) expose a CSRF vulnerability in their web management interface that allows an attacker to trick a logged-in user into installing or deleting apps. The root cause is the absence of cross-site request forgery protection, a systemic issue affecting other ...