CVE-2023-38579

The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.

CVE-2023-45735

A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that could affect the correct functioning of the device.