CVE-2017-12703

Summary

A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server.

Affected Software

VendorProductVersion RangeStatus
n/aWestermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455affected

Weaknesses

  • CSRF

ADP Enrichment

CVE Program Container

Additional References

References