Published: 28/01/2020 Updated: 04/02/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote malicious users to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
micasaverde veralite_firmware 1.5.408

Trustwave SpiderLabs Security Advisory TWSL2013-019: Multiple Vulnerabilities in MiCasaVerde VeraLite Published: 08/01/13 Version: 10 Vendor: MiCasaVerde (wwwmicasaverdecom/) Product: VeraLite Version affected: 15408 Product description: The MiCasaVerde VeraLite is the budget model from MiCasaVerde, a product which centralizes contr ...

MiCasaVerde VeraLite version 15408 suffers from path traversal, insufficient authorization checks, and cross site request forgery vulnerabilities ...

CWE-352 http://www.exploit-db.com/exploits/27286 http://packetstormsecurity.com/files/122654/MiCasaVerde-VeraLite-1.5.408-Traversal-Authorization-CSRF-Disclosure.html https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-019.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/27286/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-4865

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect