CVE-2017-5165

Summary

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration.

Affected Software

VendorProductVersion RangeStatus
n/aBINOM3 Electric Power Quality MeterBINOM3 Electric Power Quality Meteraffected

Weaknesses

  • BINOM3 Electric Power Quality Meter csrf

ADP Enrichment

CVE Program Container

Additional References

References