An issue exists on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX series, ION76XX series, ION8650 series, ION8800 series, and PM5XXX series. There is no CSRF Token generated to authenticate the user during a session. Successful exploitation of this vulnerability can allow unauthorized configuration changes to be made and saved.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
schneider-electric ion5000 - |
||
schneider-electric ion8650 - |
||
schneider-electric ion8800 - |
||
schneider-electric ion7300 - |
||
schneider-electric ion7500 - |
||
schneider-electric ion7600 - |
Vulmon