2 matches found
CVE-2020-36283
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver Ethernet Emulation Mode. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to upload a configuration file to the device. An attacker...
CVE-2020-36283
The CVE-2020-36283 issue affects HID OMNIKEY 5427 and OMNIKEY 5127 readers. A CSRF flaw in the Ethernet Emulation Mode (EEM) driver allows an authenticated user, lured to a malicious site, to send a crafted HTTP request that uploads a configuration file to the device. This can enable cross-site s...